GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-11-04 01:29:47
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-e ST3320613AS rev.CC2H 298,09GB
Running: grm0664t.exe; Driver: D:\Temp\ugtdrpow.sys

---- System - GMER 2.1 ----

SSDT 88D12C90 ZwAssignProcessToJobObject
SSDT 88D13200 ZwDebugActiveProcess
SSDT 88D132F0 ZwDuplicateObject
SSDT 88D12590 ZwOpenProcess
SSDT 88D12800 ZwOpenThread
SSDT 88D12FD0 ZwProtectVirtualMemory
SSDT 88D130E0 ZwQueueApcThread
SSDT 88D12EC0 ZwSetContextThread
SSDT 88D12D90 ZwSetInformationThread
SSDT 88D0FDA0 ZwSetSecurityObject
SSDT 88D12B90 ZwSuspendProcess
SSDT 88D12A80 ZwSuspendThread
SSDT 88D126E0 ZwTerminateProcess
SSDT 88D12A50 ZwTerminateThread
SSDT 88D136D0 ZwWriteVirtualMemory

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8B09360, 0x37399D, 0xE8000020]
init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xB3808280]

---- User code sections - GMER 2.1 ----

---- Devices - GMER 2.1 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys

---- Files - GMER 2.1 ----

File C:\Documents and Settings\Uzytkownik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh\2.9.691_0\node_modules\express\node_modules\connect\node_modules\formidable\test\fixture\http\special-chars-in-filename\info.md 227 bytes

---- EOF - GMER 2.1 ----