GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-09-02 11:58:08 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 ST380013AS rev.3.20 74,53GB Running: u7nlkoyh.exe; Driver: C:\Users\Anke\AppData\Local\Temp\fwtyypob.sys ---- Kernel code sections - GMER 2.1 ---- .text ntoskrnl.exe!ZwRollbackEnlistment + 1409 81C8B9A5 1 Byte [06] .text ntoskrnl.exe!KiDispatchInterrupt + 5A2 81CAB512 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtCreateFile + 6 77D1560E 4 Bytes [28, DC, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtCreateFile + B 77D15613 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtMapViewOfSection + 6 77D15C6E 4 Bytes [28, DF, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtMapViewOfSection + B 77D15C73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenFile + 6 77D15D1E 4 Bytes [68, DC, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenFile + B 77D15D23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenProcess + 6 77D15DCE 4 Bytes [A8, DD, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenProcess + B 77D15DD3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenProcessToken + 6 77D15DDE 4 Bytes CALL 76D24BC0 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenProcessToken + B 77D15DE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenProcessTokenEx + 6 77D15DEE 4 Bytes [A8, DE, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenProcessTokenEx + B 77D15DF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenThread + 6 77D15E4E 4 Bytes [68, DD, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenThread + B 77D15E53 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenThreadToken + 6 77D15E5E 4 Bytes [68, DE, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenThreadToken + B 77D15E63 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenThreadTokenEx + 6 77D15E6E 4 Bytes CALL 76D24C51 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtOpenThreadTokenEx + B 77D15E73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtQueryAttributesFile + 6 77D15F7E 4 Bytes [A8, DC, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtQueryAttributesFile + B 77D15F83 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtQueryFullAttributesFile + 6 77D1602E 4 Bytes CALL 76D24E0F C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtQueryFullAttributesFile + B 77D16033 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtSetInformationFile + 6 77D1667E 4 Bytes [28, DD, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtSetInformationFile + B 77D16683 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtSetInformationThread + 6 77D166DE 4 Bytes [28, DE, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtSetInformationThread + B 77D166E3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtUnmapViewOfSection + 6 77D169FE 4 Bytes [68, DF, ED, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[292] ntdll.dll!NtUnmapViewOfSection + B 77D16A03 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtCreateFile + 6 77D1560E 4 Bytes [28, 2C, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtCreateFile + B 77D15613 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtMapViewOfSection + 6 77D15C6E 4 Bytes [28, 2F, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtMapViewOfSection + B 77D15C73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenFile + 6 77D15D1E 4 Bytes [68, 2C, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenFile + B 77D15D23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenProcess + 6 77D15DCE 4 Bytes [A8, 2D, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenProcess + B 77D15DD3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenProcessToken + 6 77D15DDE 4 Bytes CALL 76D1B010 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenProcessToken + B 77D15DE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenProcessTokenEx + 6 77D15DEE 4 Bytes [A8, 2E, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenProcessTokenEx + B 77D15DF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenThread + 6 77D15E4E 4 Bytes [68, 2D, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenThread + B 77D15E53 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenThreadToken + 6 77D15E5E 4 Bytes [68, 2E, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenThreadToken + B 77D15E63 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenThreadTokenEx + 6 77D15E6E 4 Bytes CALL 76D1B0A1 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtOpenThreadTokenEx + B 77D15E73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtQueryAttributesFile + 6 77D15F7E 4 Bytes [A8, 2C, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtQueryAttributesFile + B 77D15F83 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtQueryFullAttributesFile + 6 77D1602E 4 Bytes CALL 76D1B25F C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtQueryFullAttributesFile + B 77D16033 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtSetInformationFile + 6 77D1667E 4 Bytes [28, 2D, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtSetInformationFile + B 77D16683 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtSetInformationThread + 6 77D166DE 4 Bytes [28, 2E, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtSetInformationThread + B 77D166E3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtUnmapViewOfSection + 6 77D169FE 4 Bytes [68, 2F, 52, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1368] ntdll.dll!NtUnmapViewOfSection + B 77D16A03 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtCreateFile + 6 77D1560E 4 Bytes [28, 00, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtCreateFile + B 77D15613 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtMapViewOfSection + 6 77D15C6E 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtMapViewOfSection + 6 77D15C6E 4 Bytes [28, 03, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtMapViewOfSection + B 77D15C73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenFile + 6 77D15D1E 4 Bytes [68, 00, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenFile + B 77D15D23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenProcess + 6 77D15DCE 4 Bytes [A8, 01, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenProcess + B 77D15DD3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenProcessToken + 6 77D15DDE 4 Bytes CALL 76D1C4E4 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenProcessToken + B 77D15DE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenProcessTokenEx + 6 77D15DEE 4 Bytes [A8, 02, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenProcessTokenEx + B 77D15DF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenThread + 6 77D15E4E 4 Bytes [68, 01, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenThread + B 77D15E53 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenThreadToken + 6 77D15E5E 4 Bytes [68, 02, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenThreadToken + B 77D15E63 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenThreadTokenEx + 6 77D15E6E 4 Bytes CALL 76D1C575 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtOpenThreadTokenEx + B 77D15E73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtQueryAttributesFile + 6 77D15F7E 4 Bytes [A8, 00, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtQueryAttributesFile + B 77D15F83 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtQueryFullAttributesFile + 6 77D1602E 4 Bytes CALL 76D1C733 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtQueryFullAttributesFile + B 77D16033 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtSetInformationFile + 6 77D1667E 4 Bytes [28, 01, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtSetInformationFile + B 77D16683 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtSetInformationThread + 6 77D166DE 4 Bytes [28, 02, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtSetInformationThread + B 77D166E3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtUnmapViewOfSection + 6 77D169FE 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtUnmapViewOfSection + 6 77D169FE 4 Bytes [68, 03, 67, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1576] ntdll.dll!NtUnmapViewOfSection + B 77D16A03 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtCreateFile + 6 77D1560E 4 Bytes [28, 7C, F6, 00] {SUB [ESI+ESI*8+0x0], BH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtCreateFile + B 77D15613 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtMapViewOfSection + 6 77D15C6E 4 Bytes [28, 7F, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtMapViewOfSection + B 77D15C73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenFile + 6 77D15D1E 4 Bytes [68, 7C, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenFile + B 77D15D23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcess + 6 77D15DCE 4 Bytes [A8, 7D, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcess + B 77D15DD3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessToken + 6 77D15DDE 4 Bytes CALL 76D25460 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessToken + B 77D15DE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessTokenEx + 6 77D15DEE 4 Bytes [A8, 7E, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessTokenEx + B 77D15DF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThread + 6 77D15E4E 4 Bytes [68, 7D, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThread + B 77D15E53 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadToken + 6 77D15E5E 4 Bytes [68, 7E, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadToken + B 77D15E63 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadTokenEx + 6 77D15E6E 4 Bytes CALL 76D254F1 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadTokenEx + B 77D15E73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryAttributesFile + 6 77D15F7E 4 Bytes [A8, 7C, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryAttributesFile + B 77D15F83 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryFullAttributesFile + 6 77D1602E 4 Bytes CALL 76D256AF C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryFullAttributesFile + B 77D16033 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationFile + 6 77D1667E 4 Bytes [28, 7D, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationFile + B 77D16683 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationThread + 6 77D166DE 4 Bytes [28, 7E, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationThread + B 77D166E3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtUnmapViewOfSection + 6 77D169FE 4 Bytes [68, 7F, F6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtUnmapViewOfSection + B 77D16A03 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtCreateFile + 6 77D1560E 4 Bytes [28, 2C, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtCreateFile + B 77D15613 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtMapViewOfSection + 6 77D15C6E 4 Bytes [28, 2F, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtMapViewOfSection + B 77D15C73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenFile + 6 77D15D1E 4 Bytes [68, 2C, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenFile + B 77D15D23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenProcess + 6 77D15DCE 4 Bytes [A8, 2D, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenProcess + B 77D15DD3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenProcessToken + 6 77D15DDE 4 Bytes CALL 76D24C10 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenProcessToken + B 77D15DE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenProcessTokenEx + 6 77D15DEE 4 Bytes [A8, 2E, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenProcessTokenEx + B 77D15DF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenThread + 6 77D15E4E 4 Bytes [68, 2D, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenThread + B 77D15E53 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenThreadToken + 6 77D15E5E 4 Bytes [68, 2E, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenThreadToken + B 77D15E63 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenThreadTokenEx + 6 77D15E6E 4 Bytes CALL 76D24CA1 C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtOpenThreadTokenEx + B 77D15E73 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtQueryAttributesFile + 6 77D15F7E 4 Bytes [A8, 2C, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtQueryAttributesFile + B 77D15F83 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtQueryFullAttributesFile + 6 77D1602E 4 Bytes CALL 76D24E5F C:\Windows\system32\USER32.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtQueryFullAttributesFile + B 77D16033 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtSetInformationFile + 6 77D1667E 4 Bytes [28, 2D, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtSetInformationFile + B 77D16683 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtSetInformationThread + 6 77D166DE 4 Bytes [28, 2E, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtSetInformationThread + B 77D166E3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtUnmapViewOfSection + 6 77D169FE 4 Bytes [68, 2F, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1872] ntdll.dll!NtUnmapViewOfSection + B 77D16A03 1 Byte [E2] ---- EOF - GMER 2.1 ----