GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-27 12:30:31
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM500JI rev.2AC101C4
Running: 34u1begm.exe; Driver: C:\Windows\TEMP\kwwcipob.sys

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwSaveKeyEx + 13B1 82C438E9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 82C633D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 A8242000 68 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 4FD5 A8242045 152 Bytes [8B, C6, F0, 0F, BA, 28, 00, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 506E A82420DE 50 Bytes [A8, 75, 06, 09, 0D, 28, D5, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50A1 A8242111 17 Bytes [87, 01, 6A, 00, 6A, 20, A3, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 A8242123 486 Bytes [D5, 23, A8, FE, 05, 34, D5, ...]
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[1800] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2000] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2016] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2636] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2692] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2752] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 17, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[2800] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtCreateFile + 6 776B4A36 4 Bytes [28, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtCreateFile + B 776B4A3B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtMapViewOfSection + 6 776B5096 1 Byte [28]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtMapViewOfSection + 6 776B5096 4 Bytes [28, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtMapViewOfSection + B 776B509B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenFile + 6 776B5146 4 Bytes [68, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenFile + B 776B514B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenProcess + 6 776B51F6 4 Bytes [A8, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenProcess + B 776B51FB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenProcessToken + B 776B520B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenProcessTokenEx + 6 776B5216 4 Bytes [A8, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenProcessTokenEx + B 776B521B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenThread + 6 776B5276 4 Bytes [68, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenThread + B 776B527B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenThreadToken + 6 776B5286 4 Bytes [68, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenThreadToken + B 776B528B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtOpenThreadTokenEx + B 776B529B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtQueryAttributesFile + 6 776B53A6 4 Bytes [A8, 00, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtQueryAttributesFile + B 776B53AB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtQueryFullAttributesFile + B 776B545B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtSetInformationFile + 6 776B5AA6 4 Bytes [28, 01, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtSetInformationFile + B 776B5AAB 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtSetInformationThread + 6 776B5B06 4 Bytes [28, 02, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtSetInformationThread + B 776B5B0B 1 Byte [E2]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 1 Byte [68]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtUnmapViewOfSection + 6 776B5E26 4 Bytes [68, 03, 07, 00]
.text C:\Graty\GoogleChromePortable\App\Chrome-bin\chrome.exe[3124] ntdll.dll!NtUnmapViewOfSection + B 776B5E2B 1 Byte [E2]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000043 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----