GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2016-02-09 19:31:40 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e SAMSUNG_HD161HJ rev.JF100-19 149,05GB Running: xwvzbxpn.exe; Driver: C:\DOCUME~1\mlody\USTAWI~1\Temp\pglcrfoc.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[848] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [18, F0, C3, 01] .text C:\Program Files\Google\Chrome\Application\chrome.exe[848] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, D8, 78, 00] {SUB AL, BL; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, DB, 78, 00] {SUB BL, BL; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, D8, 78, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, D9, 78, 00] {TEST AL, 0xd9; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B914EF2 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, DA, 78, 00] {TEST AL, 0xda; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, D9, 78, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, DA, 78, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B914F63 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, D8, 78, 00] {TEST AL, 0xd8; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B915091 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, D9, 78, 00] {SUB CL, BL; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, DA, 78, 00] {SUB DL, BL; JS 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, DB, 78, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1044] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 20, 18, 00] {SUB [EAX], AH; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 23, 18, 00] {SUB [EBX], AH; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 20, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 21, 18, 00] {TEST AL, 0x21; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EE3A .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 22, 18, 00] {TEST AL, 0x22; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 21, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 22, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EEAB .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 20, 18, 00] {TEST AL, 0x20; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EFD9 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 21, 18, 00] {SUB [ECX], AH; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 22, 18, 00] {SUB [EDX], AH; SBB [EAX], AL} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 23, 18, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1212] WS2_32.dll!connect 71A54A07 5 Bytes JMP 01BA2580 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 48, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 4B, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 48, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 49, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B917062 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 4A, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 49, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 4A, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9170D3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 48, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B917201 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 49, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 4A, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 4B, 9A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1540] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, DC, 2B, 00] {SUB AH, BL; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, DF, 2B, 00] {SUB BH, BL; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, DC, 2B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, DD, 2B, 00] {TEST AL, 0xdd; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9101F6 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, DE, 2B, 00] {TEST AL, 0xde; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, DD, 2B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, DE, 2B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B910267 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, DC, 2B, 00] {TEST AL, 0xdc; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B910395 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, DD, 2B, 00] {SUB CH, BL; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, DE, 2B, 00] {SUB DH, BL; SUB EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, DF, 2B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2328] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes CALL 5F8FD183 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, EB, CA, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes CALL 5F8FD673 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes JMP 5F8FD6D3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91A102 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes JMP E2FF00CA .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes JMP 5F8FD733 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes JMP E2FF00CA .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91A173 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes CALL 5F8FD7E3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91A2A1 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes JMP 5F8FDD33 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes JMP E2FF00CA .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, EB, CA, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, D0, 6A, 00] {SUB AL, DL; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, D3, 6A, 00] {SUB BL, DL; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, D0, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, D1, 6A, 00] {TEST AL, 0xd1; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9140EA .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, D2, 6A, 00] {TEST AL, 0xd2; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, D1, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, D2, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91415B .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, D0, 6A, 00] {TEST AL, 0xd0; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B914289 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, D1, 6A, 00] {SUB CL, DL; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, D2, 6A, 00] {SUB DL, DL; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, D3, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 98, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 9B, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 98, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 99, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B917BB2 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 9A, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 99, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 9A, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B917C23 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 98, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B917D51 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 99, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 9A, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 9B, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3332] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\Tcpip \Device\Tcp idmtdi.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{58cfc084-8a97-4588-83b7-d2389223ebac}@Model 35 Reg HKLM\SOFTWARE\Classes\CLSID\{58cfc084-8a97-4588-83b7-d2389223ebac}@Therad 30 Reg HKLM\SOFTWARE\Classes\CLSID\{58cfc084-8a97-4588-83b7-d2389223ebac}@MData 0x2B 0x8F 0x78 0x29 ... Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0xE6 0x9B 0x9D 0x9C ... ---- Files - GMER 2.1 ---- File C:\Documents and Settings\mlody\Ustawienia lokalne\Temp\Katalog tymczasowy 1 dla _Getintopc.com_Adobe_Photoshop_CC_14.2_Final_Multilanguage.zip\Adobe_Photoshop_CC_14.2_Final_Multilanguage\Update to 14.2\Update Management Tool\AdobeDigitalPublishingCC-2.0\28.0.0\AdobePatchInstaller.e 1450352 bytes executable ---- EOF - GMER 2.1 ----