GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-09-04 00:16:58 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e Hitachi_HTS542512K9SA00 rev.BB2OC31P Running: gmer.exe; Driver: C:\DOCUME~1\User\USTAWI~1\Temp\fwddipog.sys ---- System - GMER 1.0.15 ---- SSDT spnz.sys ZwCreateKey [0xB9EB50E0] SSDT spnz.sys ZwEnumerateKey [0xB9ECDDA4] SSDT spnz.sys ZwEnumerateValueKey [0xB9ECE132] SSDT spnz.sys ZwOpenKey [0xB9EB50C0] SSDT spnz.sys ZwQueryKey [0xB9ECE20A] SSDT spnz.sys ZwQueryValueKey [0xB9ECE08A] SSDT spnz.sys ZwSetValueKey [0xB9ECE29C] INT 0x62 ? 89E42BF8 INT 0x63 ? 89C00BF8 INT 0x74 ? 89C00BF8 INT 0x82 ? 89E42BF8 INT 0x84 ? 89C00BF8 INT 0x94 ? 89C00BF8 INT 0xA4 ? 89E42BF8 ---- Kernel code sections - GMER 1.0.15 ---- ? spnz.sys Nie można odnaleźć określonego pliku. ! .text USBPORT.SYS!DllUnload B96918AC 5 Bytes JMP 89C001D8 .text a35opghy.SYS B94A7386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text a35opghy.SYS B94A73AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text a35opghy.SYS B94A73C4 3 Bytes [00, 80, 02] .text a35opghy.SYS B94A73C9 1 Byte [30] .text a35opghy.SYS B94A73C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL} .text ... ? C:\WINDOWS\system32\Drivers\mchInjDrv.sys Nie można odnaleźć określonego pliku. ! ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\AVG\AVG9\avgrsx.exe[136] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\igfxsrvc.exe[188] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\ctfmon.exe[648] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90F31A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90F38B .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90F4B9 .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 1D, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\spoolsv.exe[824] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\RTHDCPL.EXE[924] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[952] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[960] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\PROGRA~1\AVG\AVG9\avgtray.exe[968] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text D:\Instalki\LAUNCH~1\LManager.exe[988] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[1004] KERNEL32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1072] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91141A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91148B .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9115B9 .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 3E, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\csrss.exe[1200] KERNEL32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\winlogon.exe[1224] ntdll.dll!NtLockProductActivationKeys 7C90D4AE 5 Bytes JMP 10001000 C:\WINDOWS\system32\antiwpa.dll .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\winlogon.exe[1224] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\winlogon.exe[1224] USER32.dll!GetSystemMetrics 7E368F9C 5 Bytes JMP 10001018 C:\WINDOWS\system32\antiwpa.dll .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\services.exe[1268] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\lsass.exe[1280] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1324] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[1448] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe[1456] KERNEL32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[1516] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\System32\svchost.exe[1556] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[1596] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[1648] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[1712] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\System32\alg.exe[1732] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\igfxpers.exe[1764] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Documents and Settings\User\Moje dokumenty\gmer.exe[1768] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[1944] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\hkcmd.exe[1952] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\AVG\AVG9\avgchsvx.exe[2044] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\igfxext.exe[2140] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\explorer.exe[2280] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\wbem\unsecapp.exe[2364] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2476] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[2652] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\AVG\AVG9\avgwdsvc.exe[2684] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\Java\jre6\bin\jqs.exe[2720] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2788] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[2908] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\WINDOWS\system32\svchost.exe[2976] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 39, 00] {SUB [EAX], AL; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 39, 00] {SUB [EBX], AL; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 39, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 39, 00] {TEST AL, 0x1; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B910F1A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 39, 00] {TEST AL, 0x2; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 39, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 39, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B910F8B .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 39, 00] {TEST AL, 0x0; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9110B9 .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 39, 00] {SUB [ECX], AL; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 39, 00] {SUB [EDX], AL; CMP [EAX], EAX} .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 39, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text D:\Instalki\MaxCrypt2\SysSrvc.exe[3116] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\AVG\AVG9\avgnsx.exe[3244] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\AVG\AVG9\avgemc.exe[3260] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3600] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CreateFileA 7C801A28 6 Bytes JMP 5F1C0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!LoadLibraryExW 7C801AF5 6 Bytes JMP 5F070F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FreeLibrary + 15 7C80AC93 4 Bytes CALL 5F00003D .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindFirstFileExW 7C80EB1D 6 Bytes JMP 5F100F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindClose 7C80EE77 6 Bytes JMP 5F190F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindFirstFileW 7C80EF81 6 Bytes JMP 5F160F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindNextFileW 7C80EFDA 6 Bytes JMP 5F0A0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!SetCurrentDirectoryW 7C80F38E 6 Bytes JMP 5F460F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CreateFileW 7C810800 6 Bytes JMP 5F1F0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindFirstFileA 7C813879 6 Bytes JMP 5F130F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!MoveFileW 7C821261 6 Bytes JMP 5F3A0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CreateDirectoryA 7C8217AC 6 Bytes JMP 5F310F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CopyFileA 7C8286EE 6 Bytes JMP 5F2B0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CopyFileW 7C82F87B 6 Bytes JMP 5F280F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!DeleteFileA 7C831EDD 6 Bytes JMP 5F220F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!DeleteFileW 7C831F63 6 Bytes JMP 5F250F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CreateDirectoryW 7C832402 6 Bytes JMP 5F2E0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindNextFileA 7C834EE1 6 Bytes JMP 5F040F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!MoveFileExW 7C83568B 6 Bytes JMP 5F400F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!MoveFileA 7C835EBF 6 Bytes JMP 5F3D0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!SetCurrentDirectoryA 7C83610D 6 Bytes JMP 5F490F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CreateDirectoryExW 7C85B5CA 6 Bytes JMP 5F340F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!CreateDirectoryExA 7C85C213 6 Bytes JMP 5F370F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!FindFirstFileExA 7C85D4EA 6 Bytes JMP 5F0D0F5A .text C:\Program Files\AVG\AVG9\avgcsrvx.exe[3952] kernel32.dll!MoveFileExA 7C85E49B 6 Bytes JMP 5F430F5A ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EB6042] spnz.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EB613E] spnz.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EB60C0] spnz.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EB6800] spnz.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EB66D6] spnz.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EC5B90] spnz.sys IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!KeGetCurrentIrql] 9E880000 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!KfRaiseIrql] 00001CB1 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!KfLowerIrql] 0E798366 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!HalGetInterruptVector] 74AAB000 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!HalTranslateBusAddress] 8986C636 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!READ_PORT_USHORT] 001C9686 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2 IAT \SystemRoot\System32\Drivers\a35opghy.SYS[WMILIB.SYS!WmiSystemControl] 8800001C IAT \SystemRoot\System32\Drivers\a35opghy.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[744] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00340010 IAT C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1168] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00690010 IAT C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3084] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003F0010 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 89E411F8 AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) Device \Driver\sptd \Device\165286484 spnz.sys Device \Driver\usbuhci \Device\USBPDO-0 89C4D1F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 89DD41F8 Device \Driver\dmio \Device\DmControl\DmConfig 89DD41F8 Device \Driver\dmio \Device\DmControl\DmPnP 89DD41F8 Device \Driver\dmio \Device\DmControl\DmInfo 89DD41F8 Device \Driver\usbuhci \Device\USBPDO-1 89C4D1F8 Device \Driver\usbehci \Device\USBPDO-2 89C7A1F8 Device \Driver\usbehci \Device\USBPDO-3 89C7A1F8 Device \Driver\usbuhci \Device\USBPDO-4 89C4D1F8 AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) Device \Driver\usbuhci \Device\USBPDO-5 89C4D1F8 Device \Driver\usbuhci \Device\USBPDO-6 89C4D1F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 89E431F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 89E431F8 Device \Driver\Cdrom \Device\CdRom0 89C2B1F8 Device \Driver\atapi \Device\Ide\IdePort0 [B9DEAB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9DEAB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [B9DEAB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort2 [B9DEAB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort3 [B9DEAB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-e [B9DEAB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\Cdrom \Device\CdRom1 89C2B1F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{00D217EA-86B0-4E33-900C-ED647740E0E8} 8939A500 Device \Driver\NetBT \Device\NetBt_Wins_Export 8939A500 Device \Driver\PCI_PNP6484 \Device\0000004a spnz.sys Device \Driver\NetBT \Device\NetbiosSmb 8939A500 AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) Device \Driver\usbuhci \Device\USBFDO-0 89C4D1F8 Device \Driver\usbuhci \Device\USBFDO-1 89C4D1F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8939B1F8 Device \Driver\usbehci \Device\USBFDO-2 89C7A1F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8939B1F8 Device \Driver\usbuhci \Device\USBFDO-3 89C4D1F8 Device \Driver\usbuhci \Device\USBFDO-4 89C4D1F8 Device \Driver\Ftdisk \Device\FtControl 89E431F8 Device \Driver\usbuhci \Device\USBFDO-5 89C4D1F8 Device \Driver\usbehci \Device\USBFDO-6 89C7A1F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{A0A7F5F1-AB83-4A59-A56F-DC53DEDC770D} 8939A500 Device \Driver\a35opghy \Device\Scsi\a35opghy1 89B291F8 Device \Driver\a35opghy \Device\Scsi\a35opghy1Port4Path0Target0Lun0 89B291F8 Device \FileSystem\Cdfs \Cdfs 893794C8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x8E 0x11 0xDF 0x40 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x45 0x43 0xB1 0xFD ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x57 0xC2 0xEA 0xAC ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x8E 0x11 0xDF 0x40 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x45 0x43 0xB1 0xFD ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x57 0xC2 0xEA 0xAC ... ---- Files - GMER 1.0.15 ---- File C:\WINDOWS\system32\cl.uclmc2 533 bytes ---- EOF - GMER 1.0.15 ----