Friday 19 May 2017

Definitive answer on whether a threat is present here

Hello Rosty,

It is suspected that I might have bought a crack. Can you give a definitive answer on this?

http://ift.tt/2q0BH6b
http://ift.tt/2r13JmV

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-05-19 21:35:06
Windows 6.1.7601 Service Pack 1 x64
C:\Windows\SysWOW64\ntdll.dll [5592:4472] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4368] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4012] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4452] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4320] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:1316] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4380] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4388] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4332] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4500] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4372] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4284] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:3400] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4400] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4424] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4268] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4276] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4336] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4316] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4448] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4252] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4264] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4464] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4488] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4492] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4344] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4468] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4356] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4292] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4416] 000000000120d0b5 Thread 
C:\Windows\SysWOW64\ntdll.dll [5592:4304] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4288] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4272] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4364] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4404] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4420] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:1336] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4296] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4348] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4440] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4328] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4360] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4308] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:1888] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:4432] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:1896] 000000000120d0b5 Thread C:\Windows\SysWOW64\ntdll.dll [5592:2620] 000000000120d0b5 Thread C:\Windows\System32\svchost.exe [3804:4280] 000007fef6129688 ---- EOF - GMER 2.2 ----
