GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-10-09 07:42:59 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-3 SAMSUNG_HD160JJ rev.ZM100-41 149,05GB Running: gmer.exe; Driver: C:\DOCUME~1\ppp\USTAWI~1\Temp\uxtyapob.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 58, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 5B, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 58, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 59, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91C572 .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 5A, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 59, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 5A, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91C5E3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 58, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91C711 .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 59, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 5A, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 5B, EF, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[228] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, EC, D3, 00] {SUB AH, CH; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, EF, D3, 00] {SUB BH, CH; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, EC, D3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, ED, D3, 00] {TEST AL, 0xed; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91AA06 .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, EE, D3, 00] {TEST AL, 0xee; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, ED, D3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, EE, D3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91AA77 .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, EC, D3, 00] {TEST AL, 0xec; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91ABA5 .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, ED, D3, 00] {SUB CH, CH; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, EE, D3, 00] {SUB DH, CH; ROL [EAX], CL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, EF, D3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, F8, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, FB, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, F8, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, F9, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91D212 .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, FA, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, F9, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, FA, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91D283 .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, F8, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91D3B1 .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, F9, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, FA, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, FB, FB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[356] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[508] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [18, 20, C4, 01] {SBB [EAX], AH; LES EAX, [ECX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[508] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 10, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 13, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 10, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 11, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912D2A .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 12, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 11, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 12, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912D9B .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 10, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912EC9 .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 11, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 12, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 13, 57, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[804] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 3C, DB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 3F, DB, 00] {SUB [EDI], BH; FILD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 3C, DB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 3D, DB, 00] {TEST AL, 0x3d; FILD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91B156 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 3E, DB, 00] {TEST AL, 0x3e; FILD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 3D, DB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 3E, DB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91B1C7 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 3C, DB, 00] {TEST AL, 0x3c; FILD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91B2F5 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 3D, DB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 3E, DB, 00] {SUB [ESI], BH; FILD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 3F, DB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1776] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, F4, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, F7, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, F4, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, F5, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91290E .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, F6, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, F5, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, F6, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91297F .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, F4, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912AAD .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, F5, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, F6, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, F7, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2040] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Registry - GMER 2.1 ---- Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.Š-Ü\OpenWithProgids@`\1\x2018%Ü\0_\0a\0u\0t\0o\0_\0f\0i\0l\0e ---- EOF - GMER 2.1 ----