GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-03-21 15:38:04 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9160821A rev.3.ALE 128,00GB Running: inrrqvvh.exe; Driver: C:\DOCUME~1\EPS\USTAWI~1\Temp\pxtdrpob.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\system32\DRIVERS\PSINReg.sys ZwCreateKey [0xB5E506AE] SSDT \SystemRoot\system32\DRIVERS\PSINReg.sys ZwOpenKey [0xB5E50592] SSDT \SystemRoot\system32\DRIVERS\PSINProc.sys ZwTerminateProcess [0xB5E6C7CC] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [18, 20, C4, 01] {SBB [EAX], AH; LES EAX, [ECX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 01610001 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!WSALookupServiceNextW 71A53181 6 Bytes JMP 71A90F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!WSALookupServiceEnd 71A5350E 6 Bytes JMP 71A30F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!WSALookupServiceBeginW 71A535EF 6 Bytes JMP 71AF0F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!send 71A54C27 6 Bytes JMP 71A00F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!WSARecv 71A54CB5 6 Bytes JMP 71970F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!recv 71A5676F 6 Bytes JMP 719D0F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!WSASend 71A568FA 6 Bytes JMP 719A0F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2632] WS2_32.dll!WSAGetOverlappedResult 71A60D1B 6 Bytes JMP 71940F5A .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 84, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 87, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 84, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 85, E0, 00] {TEST AL, 0x85; LOOPNZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91B69E .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 86, E0, 00] {TEST AL, 0x86; LOOPNZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 85, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 86, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91B70F .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 84, E0, 00] {TEST AL, 0x84; LOOPNZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91B83D .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 85, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 86, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 87, E0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2884] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B0, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, B3, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, B0, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B1, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91C9CA .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, B2, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B1, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, B2, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91CA3B .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B0, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91CB69 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B1, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, B2, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, B3, F3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, D4, 19, 00] {SUB AH, DL; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, D7, 19, 00] {SUB BH, DL; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, D4, 19, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, D5, 19, 00] {TEST AL, 0xd5; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EFEE .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, D6, 19, 00] {TEST AL, 0xd6; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, D5, 19, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, D6, 19, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90F05F .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, D4, 19, 00] {TEST AL, 0xd4; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90F18D .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, D5, 19, 00] {SUB CH, DL; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, D6, 19, 00] {SUB DH, DL; SBB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, D7, 19, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3372] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, C4, E1, 00] {SUB AH, AL; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, C7, E1, 00] {SUB BH, AL; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, C4, E1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, C5, E1, 00] {TEST AL, 0xc5; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91B7DE .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, C6, E1, 00] {TEST AL, 0xc6; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, C5, E1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, C6, E1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91B84F .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, C4, E1, 00] {TEST AL, 0xc4; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91B97D .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, C5, E1, 00] {SUB CH, AL; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, C6, E1, 00] {SUB DH, AL; LOOPZ 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, C7, E1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3384] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 88, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 8B, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 88, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 89, E7, 00] {TEST AL, 0x89; OUT 0x0, EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91BDA2 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 8A, E7, 00] {TEST AL, 0x8a; OUT 0x0, EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 89, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 8A, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91BE13 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 88, E7, 00] {TEST AL, 0x88; OUT 0x0, EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91BF41 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 89, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 8A, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 8B, E7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3564] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 98, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 9B, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 98, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 99, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9181B2 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 9A, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 99, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 9A, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B918223 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 98, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B918351 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 99, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 9A, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 9B, AB, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 6C, BC, 00] {SUB [ESP+EDI*4+0x0], CH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 6F, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 6C, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 6D, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B919286 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 6E, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 6D, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 6E, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9192F7 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 6C, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B919425 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 6D, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 6E, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 6F, BC, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3740] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 74, 85, 00] {SUB [EBP+EAX*4+0x0], DH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 77, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 74, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 75, 85, 00] {TEST AL, 0x75; TEST [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B915B8E .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 76, 85, 00] {TEST AL, 0x76; TEST [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 75, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 76, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B915BFF .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 74, 85, 00] {TEST AL, 0x74; TEST [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B915D2D .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 75, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 76, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 77, 85, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3760] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 5C, B0, 00] {SUB [EAX+ESI*4+0x0], BL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 5F, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 5C, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 5D, B0, 00] {TEST AL, 0x5d; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B918676 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 5E, B0, 00] {TEST AL, 0x5e; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 5D, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 5E, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9186E7 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 5C, B0, 00] {TEST AL, 0x5c; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B918815 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 5D, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 5E, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 5F, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3868] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\Tcpip \Device\Ip NNSPihs.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys AttachedDevice \Driver\Tcpip \Device\Tcp NNSPihs.sys AttachedDevice \Driver\Tcpip \Device\Udp NNSPihs.sys AttachedDevice \Driver\Tcpip \Device\RawIp NNSPihs.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026@dc9fa434416b 0x24 0x61 0x0C 0x9C ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026@e4b0219bde30 0xCF 0x0C 0x5D 0x83 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026@5812433b2500 0xBF 0x09 0x8E 0xAB ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026@dc9fa4f8b7e1 0xFE 0x69 0x4B 0x0A ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026@dc9fa434416b 0x24 0x61 0x0C 0x9C ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026@e4b0219bde30 0xCF 0x0C 0x5D 0x83 ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026@5812433b2500 0xBF 0x09 0x8E 0xAB ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026@dc9fa4f8b7e1 0xFE 0x69 0x4B 0x0A ... ---- Files - GMER 2.1 ---- File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\mocha\lib\reporters\templates\coverage.jade 1387 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\mocha\lib\reporters\templates\menu.jade 422 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\mocha\lib\reporters\templates\script.html 608 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\mocha\lib\reporters\templates\style.html 17006 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\sinon\test\sinon\util\event_test.js 3459 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\sinon\test\sinon\util\fake_server_test.js 22734 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\sinon\test\sinon\util\fake_server_with_clock_test.js 6379 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\sinon\test\sinon\util\fake_timers_test.js 28799 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj\100.729.741_0\scripts\lib\qowt\third_party\when\node_modules\promises-aplus-tests\node_modules\sinon\test\sinon\util\fake_xml_http_request_test.js 47153 bytes File C:\Documents and Settings\EPS\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extension State\044350.log 0 bytes ---- EOF - GMER 2.1 ----