GMER 2.1.19155 - http://www.gmer.net Rootkit scan 2013-03-14 13:22:43 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.PBBO 149,05GB Running: ptoqwgxq.exe; Driver: C:\DOCUME~1\Piotr\USTAWI~1\Temp\awxcqpoc.sys ---- System - GMER 2.1 ---- SSDT \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ZwCreateSection [0x9FCF5700] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0xB9CCA14A] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0xB9CCA21A] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0xB9CC9D7C] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0xB9CC9F6A] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0xB9CCA000] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0xB9CC9E32] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0xB9CC9ECE] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0xB9CCA09C] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 88, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 8B, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 88, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 89, B1, 00] {TEST AL, 0x89; MOV CL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9187A2 .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 8A, B1, 00] {TEST AL, 0x8a; MOV CL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 89, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 8A, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B918813 .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 88, B1, 00] {TEST AL, 0x88; MOV CL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B918941 .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 89, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 8A, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 8B, B1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[644] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 2C, EB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 2F, EB, 00] {SUB [EDI], CH; JMP 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 2C, EB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 2D, EB, 00] {TEST AL, 0x2d; JMP 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91C146 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 2E, EB, 00] {TEST AL, 0x2e; JMP 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 2D, EB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 2E, EB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91C1B7 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 2C, EB, 00] {TEST AL, 0x2c; JMP 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91C2E5 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 2D, EB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 2E, EB, 00] {SUB [ESI], CH; JMP 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 2F, EB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1912] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 10, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 13, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 10, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 11, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91362A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 12, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 11, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 12, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91369B .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 10, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9137C9 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 11, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 12, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 13, 60, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 9C, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 9F, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 9C, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 9D, 22, 00] {TEST AL, 0x9d; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90F8B6 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 9E, 22, 00] {TEST AL, 0x9e; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 9D, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 9E, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90F927 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 9C, 22, 00] {TEST AL, 0x9c; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90FA55 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 9D, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 9E, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 9F, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2776] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, A0, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, A3, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, A0, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, A1, E4, 00] {TEST AL, 0xa1; IN AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91BABA .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, A2, E4, 00] {TEST AL, 0xa2; IN AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, A1, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, A2, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91BB2B .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, A0, E4, 00] {TEST AL, 0xa0; IN AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91BC59 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, A1, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, A2, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, A3, E4, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2980] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys Device mrxsmb.sys ---- Files - GMER 2.1 ---- File C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache\f_0039be 1781747 bytes File C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache\f_0039bf 1781760 bytes File C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache\f_0039c0 22037 bytes File C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Cache\f_0039c1 536331 bytes ---- EOF - GMER 2.1 ----