GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-02-07 16:54:13
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 HITACHI_DK23EA-30 rev.00K4A0A2 27,95GB
Running: wp1km0z5.exe; Driver: C:\DOCUME~1\dunia80\USTAWI~1\Temp\fwaoqfoc.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 20, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 23, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 20, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 21, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B912D1C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 22, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 21, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 22, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B912D8D
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 20, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B912EBB
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 21, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 22, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 23, 57, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2592] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]

---- EOF - GMER 2.1 ----