Unwanted ad pages

didou1969

New member
I also have a problem with ad pages! Here is the report:

GMER 1.0.15.15530 -
Rootkit scan 2010-12-28 09:55:07
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-6 ST3320820AS rev.3.AAD
Running: pjfp51ko.exe; Driver: C:\Users\acer\AppData\Local\Temp\kwrcyuob.sys


---- System - GMER 1.0.15 ----

INT 0x51 ? 84CC7E88
INT 0x93 ? 85806BF8
INT 0xA2 ? 84CC7E88
INT 0xA3 ? 85806BF8
INT 0xB2 ? 84CC7E88
INT 0xB3 ? 85806BF8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8FC64BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8FC649D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x8FC64B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ZwLoadDriver 8297DDF0 7 Bytes JMP 8FC64B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 829E928F 5 Bytes JMP 8FC605D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 82A42063 5 Bytes JMP 8FC61FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 82A43905 7 Bytes JMP 8FC649D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 82AA390A 7 Bytes JMP 8FC64BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? System32\drivers\bxokw.sys Le chemin d'accès spécifié est introuvable. !
? System32\Drivers\spze.sys Le chemin d'accès spécifié est introuvable. !
.text USBPORT.SYS!DllUnload 8F5E041B 5 Bytes JMP 858061D8
.text amnelv1v.SYS 87F7F000 22 Bytes [82, 23, BD, 82, 6C, 22, BD, ...]
.text amnelv1v.SYS 87F7F017 181 Bytes [00, 32, A7, F0, 82, 3D, A5, ...]
.text amnelv1v.SYS 87F7F0CE 10 Bytes [00, 00, 00, 00, 00, 00, C9, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; LEAVE ; HLT ; POP ESP; DEC EDX}
.text amnelv1v.SYS 87F7F0DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text amnelv1v.SYS 87F7F0E7 714 Bytes [00, F0, 0E, 00, 00, 00, 00, ...]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtCreateFile + 6 77AD43DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtCreateFile + B 77AD43DF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtMapViewOfSection + 6 77AD4B2A 1 Byte [28]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtMapViewOfSection + 6 77AD4B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtMapViewOfSection + B 77AD4B2F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenFile + 6 77AD4BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenFile + B 77AD4BBF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenProcess + 6 77AD4C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenProcess + B 77AD4C3F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenProcessToken + B 77AD4C4F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenProcessTokenEx + 6 77AD4C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenProcessTokenEx + B 77AD4C5F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenThread + 6 77AD4CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenThread + B 77AD4CAF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenThreadToken + 6 77AD4CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenThreadToken + B 77AD4CBF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtOpenThreadTokenEx + B 77AD4CCF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtQueryAttributesFile + 6 77AD4D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtQueryAttributesFile + B 77AD4D5F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtQueryFullAttributesFile + B 77AD4E0F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtSetInformationFile + 6 77AD52EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtSetInformationFile + B 77AD52EF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtSetInformationThread + 6 77AD533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtSetInformationThread + B 77AD533F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtUnmapViewOfSection + 6 77AD55DA 1 Byte [68]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtUnmapViewOfSection + 6 77AD55DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] ntdll.dll!NtUnmapViewOfSection + B 77AD55DF 1 Byte [E2]
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1696] kernel32.dll!SetUnhandledExceptionFilter 7678A84F 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtCreateFile + 6 77AD43DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtCreateFile + B 77AD43DF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtMapViewOfSection + 6 77AD4B2A 1 Byte [28]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtMapViewOfSection + 6 77AD4B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtMapViewOfSection + B 77AD4B2F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenFile + 6 77AD4BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenFile + B 77AD4BBF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcess + 6 77AD4C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcess + B 77AD4C3F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessToken + B 77AD4C4F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessTokenEx + 6 77AD4C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessTokenEx + B 77AD4C5F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThread + 6 77AD4CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThread + B 77AD4CAF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadToken + 6 77AD4CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadToken + B 77AD4CBF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadTokenEx + B 77AD4CCF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryAttributesFile + 6 77AD4D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryAttributesFile + B 77AD4D5F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryFullAttributesFile + B 77AD4E0F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationFile + 6 77AD52EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationFile + B 77AD52EF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationThread + 6 77AD533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationThread + B 77AD533F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtUnmapViewOfSection + 6 77AD55DA 1 Byte [68]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtUnmapViewOfSection + 6 77AD55DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtUnmapViewOfSection + B 77AD55DF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtCreateFile + 6 77AD43DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtCreateFile + B 77AD43DF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtMapViewOfSection + 6 77AD4B2A 1 Byte [28]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtMapViewOfSection + 6 77AD4B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtMapViewOfSection + B 77AD4B2F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenFile + 6 77AD4BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenFile + B 77AD4BBF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenProcess + 6 77AD4C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenProcess + B 77AD4C3F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenProcessToken + B 77AD4C4F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenProcessTokenEx + 6 77AD4C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenProcessTokenEx + B 77AD4C5F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenThread + 6 77AD4CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenThread + B 77AD4CAF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenThreadToken + 6 77AD4CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenThreadToken + B 77AD4CBF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtOpenThreadTokenEx + B 77AD4CCF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtQueryAttributesFile + 6 77AD4D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtQueryAttributesFile + B 77AD4D5F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtQueryFullAttributesFile + B 77AD4E0F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtSetInformationFile + 6 77AD52EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtSetInformationFile + B 77AD52EF 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtSetInformationThread + 6 77AD533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtSetInformationThread + B 77AD533F 1 Byte [E2]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtUnmapViewOfSection + 6 77AD55DA 1 Byte [68]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtUnmapViewOfSection + 6 77AD55DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] ntdll.dll!NtUnmapViewOfSection + B 77AD55DF 1 Byte [E2]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [82E0E6D6] \SystemRoot\System32\Drivers\spze.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [82E0E042] \SystemRoot\System32\Drivers\spze.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [82E0E800] \SystemRoot\System32\Drivers\spze.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [82E0E0C0] \SystemRoot\System32\Drivers\spze.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [82E0E13E] \SystemRoot\System32\Drivers\spze.sys
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortWritePortUchar] 8387FA5F
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] [100D8BA5] \Program Files\DAEMON Tools Lite\Engine.dll (Helper library/DT Soft Ltd)
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F87FA30
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\amnelv1v.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [82E1DB90] \SystemRoot\System32\Drivers\spze.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[504] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Windows\system32\services.exe[700] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00060002
IAT C:\Windows\system32\services.exe[700] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00060000
IAT C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[2164] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74927817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7497A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7492BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7491F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [749275E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7491E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74958395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7492DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7491FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7491FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [749171CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [749ACAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7494C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7491D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74916853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7491687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74922AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\acer\AppData\Local\Google\Chrome\Application\chrome.exe[5572] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 8565A1F8
Device \FileSystem\fastfat \FatCdrom 850C3500
Device \Driver\volmgr \Device\VolMgrControl 84CC91F8
Device \Driver\usbohci \Device\USBPDO-0 86725500
Device \Driver\usbohci \Device\USBPDO-1 86725500
Device \Driver\PCI_PNP5986 \Device\00000052 spze.sys
Device \Driver\usbohci \Device\USBPDO-2 86725500
Device \Driver\usbohci \Device\USBPDO-3 86725500
Device \Driver\usbohci \Device\USBPDO-4 86725500

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbehci \Device\USBPDO-5 8671B1F8
Device \Driver\volmgr \Device\HarddiskVolume1 84CC91F8
Device \Driver\volmgr \Device\HarddiskVolume2 84CC91F8
Device \Driver\cdrom \Device\CdRom0 867341F8
Device \Driver\volmgr \Device\HarddiskVolume3 84CC91F8
Device \Driver\cdrom \Device\CdRom1 867341F8
Device \Driver\volmgr \Device\HarddiskVolume4 84CC91F8
Device \Driver\USBSTOR \Device\00000080 8688E1F8
Device \Driver\sptd \Device\2339002002 spze.sys
Device \Driver\volmgr \Device\HarddiskVolume5 84CC91F8
Device \Driver\USBSTOR \Device\00000081 8688E1F8
Device \Driver\volmgr \Device\HarddiskVolume6 84CC91F8
Device \Driver\volmgr \Device\HarddiskVolume7 84CC91F8
Device \Driver\netbt \Device\NetBt_Wins_Export 86CC01F8
Device \Driver\netbt \Device\NetBT_Tcpip_{2BE11AAB-AC8B-449A-B6D4-4CD65E7F45F4} 86CC01F8
Device \Driver\Smb \Device\NetbiosSmb 86CC5500
Device \Driver\iScsiPrt \Device\RaidPort0 868391F8

AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbohci \Device\USBFDO-0 86725500
Device \Driver\usbohci \Device\USBFDO-1 86725500
Device \Driver\usbohci \Device\USBFDO-2 86725500
Device \Driver\usbohci \Device\USBFDO-3 86725500
Device \Driver\USBSTOR \Device\0000007d 8688E1F8
Device \Driver\usbohci \Device\USBFDO-4 86725500
Device \Driver\USBSTOR \Device\0000007e 8688E1F8
Device \Driver\usbehci \Device\USBFDO-5 8671B1F8
Device \Driver\USBSTOR \Device\0000007f 8688E1F8
Device \Driver\amnelv1v \Device\Scsi\amnelv1v1 865DF1F8
Device \Driver\amnelv1v \Device\Scsi\amnelv1v1Port5Path0Target0Lun0 865DF1F8
Device \FileSystem\fastfat \Fat 850C3500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)

Device \FileSystem\cdfs \Cdfs 85360500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001b10001d61
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD3 0xD9 0x9C 0x3B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAF 0x20 0xB1 0xC8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x16 0xA5 0x32 0x29 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001b10001d61 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD3 0xD9 0x9C 0x3B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAF 0x20 0xB1 0xC8 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x16 0xA5 0x32 0x29 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001b10001d61 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD3 0xD9 0x9C 0x3B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAF 0x20 0xB1 0xC8 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x16 0xA5 0x32 0x29 ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001b10001d61 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD3 0xD9 0x9C 0x3B ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAF 0x20 0xB1 0xC8 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x16 0xA5 0x32 0x29 ...
Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\001b10001d61 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD3 0xD9 0x9C 0x3B ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAF 0x20 0xB1 0xC8 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x16 0xA5 0x32 0x29 ...

---- EOF - GMER 1.0.15 ----
Thanks for helping me! I have run CCleaner, Spybot and malware, and also ad ware!
 

thor37230

Grand Master
Hi,

What is the name of the ads that are showing up?
Are you using Firefox with the extension ?


♦ Download

♦ Disconnect and close all running applications (temporarily disable your antivirus/firewall)

♦ Double-click "Ad-R.exe" (on Vista, right-click and choose "Run as administrator") to start the installation, and leave the installation settings at their defaults.

♦ Double-click the Ad-remover shortcut on your desktop (on Vista, right-click and choose "Run as administrator") to launch the tool.

♦ In the main menu, choose the "Scanner" option.

♦ Let the tool work and don't touch anything...

♦ Post the report that appears at the end on the forum...

(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

♦ Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


Then copy and paste the report


 