GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-04 03:43:17
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0002
Running: 1b9uyowh.exe; Driver: C:\Users\Ja\AppData\Local\Temp\agddrpob.sys

---- User code sections - GMER 1.0.15 ----

---- User IAT/EAT - GMER 1.0.15 ----

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AsDsm.sys (Data Security Manager Driver/ASUSTek Computer Inc)
Device \Driver\ACPI_HAL \Device\00000045 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
File C:\Users\Ja\AppData\Local\temp\etilqs_4MvAFUmK98G86Ut 4 bytes

---- EOF - GMER 1.0.15 ----