GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-10-24 18:03:24 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK2552GSX rev.LV010M Running: gmer.exe; Driver: C:\DOCUME~1\Ola\USTAWI~1\Temp\uwtdqpow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xA7D454C2] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA7DF2C36] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0xA7D45EDE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xA7D877A1] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xA7D50EEE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xA7D50F3A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xA7D510BC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xA7D87155] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xA7D50E5C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xA7D50F7E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xA7D50EA4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0xA7D46124] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xA7D51076] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0xA7D46946] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xA7D45510] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xA7D87E67] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xA7D8811D] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xA7D4A108] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA7D87CD2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA7D87B3D] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA7DF2CFE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xA7D45178] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xA7D4555E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xA7D4A47A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xA7D473AE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xA7D50F18] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xA7D50F5C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xA7D510E0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xA7D874B1] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xA7D50E82] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xA7D49C46] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xA7D51000] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xA7D50ECC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xA7D49EB0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xA7D5109A] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA7DF2E5E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xA7D879B8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xA7D4727A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xA7D8780A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThread [0xA7D46DDC] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA7DFF786] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xA7D867C8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xA7D455AC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xA7D455FA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0xA7D467C6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xA7D45202] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xA7D453B2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xA7D87F6E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xA7D45358] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0xA7D46B00] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0xA7D46C5C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xA7D45422] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateProcess [0xA7D464DC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0xA7D4663E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwUnloadDriver [0xA7DF1468] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xA7D45648] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwWriteVirtualMemory [0xA7D45F22] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA7E0BE16] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwCallbackReturn + 2F28 80504820 12 Bytes [AC, 55, D4, A7, FA, 55, D4, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2FD0 805048C8 12 Bytes [00, 6B, D4, A7, 5C, 6C, D4, ...] {ADD [EBX-0x2c], CH; CMPSD ; POP ESP; INSB ; AAM 0xa7; AND DL, [ESP+EDX*8-0x59]} PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A64B0 4 Bytes CALL A7D47A7F \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC55E 5 Bytes JMP A7E08CB6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 805C2FE2 5 Bytes JMP A7E0A7D0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D119A 7 Bytes JMP A7E0BE1A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ? tjiuxsle.sys Nie można odnaleźć określonego pliku. ! .text win32k.sys!EngFreeUserMem + 674 BF80991D 5 Bytes JMP A7D4BA92 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngFreeUserMem + 35D0 BF80C879 5 Bytes JMP A7D4B982 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngDeleteSurface + 45 BF813911 5 Bytes JMP A7D4B93C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!BRUSHOBJ_pvAllocRbrush + 11D3 BF81C57B 5 Bytes JMP A7D4AFEE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngSetLastError + 79A8 BF8240EB 5 Bytes JMP A7D4A70A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateBitmap + F9C BF828A55 5 Bytes JMP A7D4BBFC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnmapFontFileFD + 2C50 BF8314A0 5 Bytes JMP A7D4BE04 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnmapFontFileFD + B687 BF839ED7 5 Bytes JMP A7D4B842 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!FONTOBJ_pxoGetXform + 84ED BF851765 5 Bytes JMP A7D4A5CE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + F17 BF85BC8A 5 Bytes JMP A7D4B0B0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 3581 BF85E2F4 5 Bytes JMP A7D4AB64 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 360C BF85E37F 5 Bytes JMP A7D4AE2A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreatePalette + 88 BF85F5F0 5 Bytes JMP A7D4A5B6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreatePalette + 5457 BF8649BF 5 Bytes JMP A7D4B9CC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGetCurrentCodePage + 35FB BF8731B9 5 Bytes JMP A7D4AC24 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGetCurrentCodePage + 4138 BF873CF6 5 Bytes JMP A7D4ADE4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGetLastError + 1606 BF890DF1 5 Bytes JMP A7D4B0C8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGradientFill + 26EE BF89439B 5 Bytes JMP A7D4BB44 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngStretchBltROP + 583 BF894E73 5 Bytes JMP A7D4BD62 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCopyBits + 3862 BF89C226 5 Bytes JMP A7D4AFD6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCopyBits + 4DF7 BF89D7BB 5 Bytes JMP A7D4A77A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngEraseSurface + A9E8 BF8C1D00 5 Bytes JMP A7D4A88A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngFillPath + 1517 BF8CA191 5 Bytes JMP A7D4A962 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngFillPath + 1797 BF8CA411 5 Bytes JMP A7D4AA8E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngDeleteSemaphore + 3B33 BF8EBDCC 5 Bytes JMP A7D4A4B0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngDeleteSemaphore + CB47 BF8F4DE0 5 Bytes JMP A7D4B006 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 1A2F BF9142F4 5 Bytes JMP A7D4A6A6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 2603 BF914EC8 5 Bytes JMP A7D4A836 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 4F7C BF917841 5 Bytes JMP A7D4AF44 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngPlgBlt + 1947 BF947973 5 Bytes JMP A7D4BCBA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[220] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[220] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[220] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\spoolsv.exe[288] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\spoolsv.exe[288] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Java\jre7\bin\jqs.exe[452] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00471014 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00470804 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00470A08 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00470C0C .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00470E10 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 004701F8 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 004703FC .text C:\Program Files\Java\jre7\bin\jqs.exe[452] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00470600 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] user32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00700804 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] user32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00700A08 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] user32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00700600 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] user32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 007001F8 .text C:\Program Files\Java\jre7\bin\jqs.exe[452] user32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 007003FC .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ntdll.dll!DbgBreakPoint 7C90120E 1 Byte [90] .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00FE1014 .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00FE0804 .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00FE0A08 .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00FE0C0C .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00FE0E10 .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00FE01F8 .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00FE03FC .text C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe[528] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00FE0600 .text C:\WINDOWS\notepad.exe[780] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003201F8 .text C:\WINDOWS\notepad.exe[780] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\notepad.exe[780] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003203FC .text C:\WINDOWS\notepad.exe[780] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\System32\smss.exe[864] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[916] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003101F8 .text C:\WINDOWS\system32\svchost.exe[916] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[916] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003103FC .text C:\WINDOWS\system32\svchost.exe[916] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00AC1014 .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00AC0804 .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00AC0A08 .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00AC0C0C .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00AC0E10 .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00AC01F8 .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00AC03FC .text C:\WINDOWS\system32\svchost.exe[916] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00AC0600 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002D01F8 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002D03FC .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 011E1014 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 011E0804 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 011E0A08 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 011E0C0C .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 011E0E10 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 011E01F8 .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 011E03FC .text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[932] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 011E0600 .text C:\WINDOWS\system32\csrss.exe[940] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\csrss.exe[940] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[964] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[964] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 78, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 7B, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 78, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 79, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B915692 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 7A, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 79, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 7A, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B915703 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 78, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B915831 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 79, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 7A, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 7B, 80, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00AF01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00AF03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00E31014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00E30804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00E30A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00E30C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 3 Bytes JMP 00E30E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!ChangeServiceConfig2W + 4 77E2718D 1 Byte [89] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00E301F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00E303FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00E30600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01610804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01610A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01610600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 016101F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 016103FC .text C:\WINDOWS\system32\services.exe[1008] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\services.exe[1008] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\lsass.exe[1020] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\lsass.exe[1020] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\TAMSvr.exe[1192] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\TAMSvr.exe[1192] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\FpLogonServ.exe[1204] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\FpLogonServ.exe[1204] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1232] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1232] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1320] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 54, 55, 00] {SUB [EBP+EDX*2+0x0], DL} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 57, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 54, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 55, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912B6E .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 56, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 55, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 56, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912BDF .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 54, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912D0D .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 55, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 56, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 57, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 008401F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 008403FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00B81014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00B80804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00B80A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00B80C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00B80E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00B801F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00B803FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00B80600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01360804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01360A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01360600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 013601F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 013603FC .text C:\WINDOWS\system32\UAService7.exe[1472] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003C01F8 .text C:\WINDOWS\system32\UAService7.exe[1472] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\UAService7.exe[1472] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003C03FC .text C:\WINDOWS\system32\UAService7.exe[1472] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[1488] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[1488] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1520] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1520] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Apoint2K\HidFind.exe[1528] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Apoint2K\HidFind.exe[1528] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Apoint2K\HidFind.exe[1528] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Apoint2K\HidFind.exe[1528] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00961014 .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00960804 .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00960A08 .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00960C0C .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00960E10 .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009601F8 .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009603FC .text C:\Program Files\Apoint2K\HidFind.exe[1528] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00960600 .text C:\WINDOWS\system32\svchost.exe[1684] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1684] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 40, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 43, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 40, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 41, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912B5A .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 42, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 41, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 42, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912BCB .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 40, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912CF9 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 41, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 42, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 43, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 008401F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 008403FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00B81014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00B80804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00B80A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00B80C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00B80E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00B801F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00B803FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00B80600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01360804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01360A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01360600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 013601F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 013603FC .text C:\WINDOWS\system32\svchost.exe[1812] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1812] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[1848] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[1848] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1908] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1908] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1908] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1908] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00971014 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00970804 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00970A08 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00970C0C .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00970E10 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009701F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009703FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1940] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00970600 .text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003101F8 .text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003103FC .text C:\WINDOWS\system32\svchost.exe[2028] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 009E1014 .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 009E0804 .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 009E0A08 .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 009E0C0C .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 009E0E10 .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009E01F8 .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009E03FC .text C:\WINDOWS\system32\svchost.exe[2028] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 009E0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00F01014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00F00804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00F00A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00F00C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00F00E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00F001F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00F003FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00F00600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 011C0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 011C0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 011C0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 011C01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2116] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 011C03FC .text C:\WINDOWS\Explorer.EXE[2152] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003101F8 .text C:\WINDOWS\Explorer.EXE[2152] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\Explorer.EXE[2152] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003103FC .text C:\WINDOWS\Explorer.EXE[2152] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00431014 .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00430804 .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00430A08 .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00430C0C .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00430E10 .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 004301F8 .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 004303FC .text C:\WINDOWS\Explorer.EXE[2152] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00430600 .text C:\WINDOWS\Explorer.EXE[2152] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00DE0804 .text C:\WINDOWS\Explorer.EXE[2152] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00DE0A08 .text C:\WINDOWS\Explorer.EXE[2152] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00DE0600 .text C:\WINDOWS\Explorer.EXE[2152] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 00DE01F8 .text C:\WINDOWS\Explorer.EXE[2152] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 00DE03FC .text C:\WINDOWS\System32\alg.exe[2208] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003101F8 .text C:\WINDOWS\System32\alg.exe[2208] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\System32\alg.exe[2208] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003103FC .text C:\WINDOWS\System32\alg.exe[2208] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2228] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003101F8 .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2228] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2228] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003103FC .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2228] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 009C1014 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 009C0804 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 009C0A08 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 009C0C0C .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 009C0E10 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009C01F8 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009C03FC .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 009C0600 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 009D0804 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 009D0A08 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 009D0600 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 009D01F8 .text C:\DOCUME~1\Ola\USTAWI~1\Temp\Rar$EX00.578\gmer.exe[2332] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 009D03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 6C, 55, 00] {SUB [EBP+EDX*2+0x0], CH} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 6F, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 6C, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 6D, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912B86 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 6E, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 6D, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 6E, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912BF7 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 6C, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912D25 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 6D, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 6E, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 6F, 55, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 008401F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 008403FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00B81014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00B80804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00B80A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00B80C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00B80E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00B801F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00B803FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00B80600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01360804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01360A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01360600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 013601F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 013603FC .text C:\WINDOWS\system32\igfxtray.exe[2596] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\WINDOWS\system32\igfxtray.exe[2596] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\igfxtray.exe[2596] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\WINDOWS\system32\igfxtray.exe[2596] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\hkcmd.exe[2672] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\WINDOWS\system32\hkcmd.exe[2672] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\hkcmd.exe[2672] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\WINDOWS\system32\hkcmd.exe[2672] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[2748] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\WINDOWS\system32\igfxsrvc.exe[2748] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[2748] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\WINDOWS\system32\igfxsrvc.exe[2748] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[2748] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01200804 .text C:\WINDOWS\system32\igfxsrvc.exe[2748] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01200A08 .text C:\WINDOWS\system32\igfxsrvc.exe[2748] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01200600 .text C:\WINDOWS\system32\igfxsrvc.exe[2748] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 012001F8 .text C:\WINDOWS\system32\igfxsrvc.exe[2748] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 012003FC .text C:\WINDOWS\System32\svchost.exe[2868] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003101F8 .text C:\WINDOWS\System32\svchost.exe[2868] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[2868] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003103FC .text C:\WINDOWS\System32\svchost.exe[2868] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00A21014 .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00A20804 .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00A20A08 .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00A20C0C .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00A20E10 .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00A201F8 .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00A203FC .text C:\WINDOWS\System32\svchost.exe[2868] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00A20600 .text C:\WINDOWS\system32\igfxpers.exe[2952] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\WINDOWS\system32\igfxpers.exe[2952] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\igfxpers.exe[2952] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\WINDOWS\system32\igfxpers.exe[2952] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 58, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 5B, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 58, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 59, 18, 00] {TEST AL, 0x59; SBB [EAX], AL} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EE72 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 5A, 18, 00] {TEST AL, 0x5a; SBB [EAX], AL} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 59, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 5A, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EEE3 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 58, 18, 00] {TEST AL, 0x58; SBB [EAX], AL} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90F011 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 59, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 5A, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 5B, 18, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 005A01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 005A03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 008E1014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 008E0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 008E0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 008E0C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 008E0E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 008E01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 008E03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 008E0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 010C0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 010C0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 010C0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 010C01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 010C03FC .text C:\Program Files\TrueSuite Access Manager\FpNotifier.exe[3000] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\TrueSuite Access Manager\FpNotifier.exe[3000] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\TrueSuite Access Manager\FpNotifier.exe[3000] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\TrueSuite Access Manager\FpNotifier.exe[3000] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00F80804 .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00F80A08 .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00F80600 .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 00F801F8 .text C:\Program Files\TrueSuite Access Manager\usbnotify.exe[3020] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 00F803FC .text C:\Program Files\TrueSuite Access Manager\PwdBank.exe[3044] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\TrueSuite Access Manager\PwdBank.exe[3044] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\TrueSuite Access Manager\PwdBank.exe[3044] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\TrueSuite Access Manager\PwdBank.exe[3044] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Apoint2K\Apoint.exe[3056] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Apoint2K\Apoint.exe[3056] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Apoint2K\Apoint.exe[3056] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Apoint2K\Apoint.exe[3056] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Apoint2K\Apoint.exe[3056] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00D50804 .text C:\Program Files\Apoint2K\Apoint.exe[3056] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00D50A08 .text C:\Program Files\Apoint2K\Apoint.exe[3056] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00D50600 .text C:\Program Files\Apoint2K\Apoint.exe[3056] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 00D501F8 .text C:\Program Files\Apoint2K\Apoint.exe[3056] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 00D503FC .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00D11014 .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00D10804 .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00D10A08 .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00D10C0C .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00D10E10 .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00D101F8 .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00D103FC .text C:\Program Files\Apoint2K\Apoint.exe[3056] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00D10600 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00B21014 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00B20804 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00B20A08 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00B20C0C .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00B20E10 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00B201F8 .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00B203FC .text C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe[3116] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00B20600 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 009D0804 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 009D0A08 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 009D0600 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 009D01F8 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 009D03FC .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00921014 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00920804 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00920A08 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00920C0C .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00920E10 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009201F8 .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009203FC .text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3192] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00920600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 88, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 8B, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 88, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 89, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B916BA2 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 8A, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 89, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 8A, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B916C13 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 88, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B916D41 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 89, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 8A, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 8B, 95, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00C401F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00C403FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00F81014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00F80804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00F80A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00F80C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00F80E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00F801F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00F803FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00F80600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01760804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01760A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01760600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 017601F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 017603FC .text C:\Program Files\AVAST Software\Avast\avastUI.exe[3392] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\avastUI.exe[3392] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Apoint2K\Apntex.exe[3396] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Apoint2K\Apntex.exe[3396] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Apoint2K\Apntex.exe[3396] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Apoint2K\Apntex.exe[3396] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 70, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 73, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 70, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 71, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91C98A .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 72, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 71, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 72, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91C9FB .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 70, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91CB29 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 71, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 72, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 73, F3, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 012201F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 012203FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 01561014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 01560804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 01560A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 01560C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 01560E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 015601F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 015603FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 01560600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01D40804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01D40A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01D40600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 01D401F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 01D403FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00941014 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00940804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00940A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00940C0C .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00940E10 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009401F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009403FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00940600 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00A70804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00A70A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00A70600 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 00A701F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3660] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 00A703FC .text C:\WINDOWS\system32\ctfmon.exe[3688] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003201F8 .text C:\WINDOWS\system32\ctfmon.exe[3688] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\system32\ctfmon.exe[3688] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003203FC .text C:\WINDOWS\system32\ctfmon.exe[3688] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014 .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804 .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08 .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10 .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8 .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC .text C:\WINDOWS\system32\ctfmon.exe[3688] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 01131014 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 01130804 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 01130A08 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 01130C0C .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 01130E10 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 011301F8 .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 011303FC .text C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe[3700] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 01130600 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\WinRAR\WinRAR.exe[3720] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\WinRAR\WinRAR.exe[3720] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 010B1014 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!ChangeServiceConfigA 77E26E69 5 Bytes JMP 010B0804 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!ChangeServiceConfigW 77E27001 5 Bytes JMP 010B0A08 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!ChangeServiceConfig2A 77E27101 5 Bytes JMP 010B0C0C .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!ChangeServiceConfig2W 77E27189 5 Bytes JMP 010B0E10 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!CreateServiceA 77E27211 5 Bytes JMP 010B01F8 .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!CreateServiceW 77E273A9 5 Bytes JMP 010B03FC .text C:\Program Files\WinRAR\WinRAR.exe[3720] ADVAPI32.DLL!DeleteService 77E274B1 5 Bytes JMP 010B0600 .text C:\Program Files\WinRAR\WinRAR.exe[3720] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 010E0804 .text C:\Program Files\WinRAR\WinRAR.exe[3720] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 010E0A08 .text C:\Program Files\WinRAR\WinRAR.exe[3720] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 010E0600 .text C:\Program Files\WinRAR\WinRAR.exe[3720] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 010E01F8 .text C:\Program Files\WinRAR\WinRAR.exe[3720] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 010E03FC .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003D01F8 .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003D03FC .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 01A51014 .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 01A50804 .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 01A50A08 .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 01A50C0C .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 01A50E10 .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 01A501F8 .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 01A503FC .text C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe[3748] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 01A50600 .text E:\Download\OTL.exe[3800] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text E:\Download\OTL.exe[3800] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text E:\Download\OTL.exe[3800] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text E:\Download\OTL.exe[3800] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text E:\Download\OTL.exe[3800] user32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01170804 .text E:\Download\OTL.exe[3800] user32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01170A08 .text E:\Download\OTL.exe[3800] user32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01170600 .text E:\Download\OTL.exe[3800] user32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 011701F8 .text E:\Download\OTL.exe[3800] user32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 011703FC .text E:\Download\OTL.exe[3800] advapi32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00D91014 .text E:\Download\OTL.exe[3800] advapi32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00D90804 .text E:\Download\OTL.exe[3800] advapi32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00D90A08 .text E:\Download\OTL.exe[3800] advapi32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00D90C0C .text E:\Download\OTL.exe[3800] advapi32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00D90E10 .text E:\Download\OTL.exe[3800] advapi32.dll!CreateServiceA 77E27211 5 Bytes JMP 00D901F8 .text E:\Download\OTL.exe[3800] advapi32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00D903FC .text E:\Download\OTL.exe[3800] advapi32.dll!DeleteService 77E274B1 5 Bytes JMP 00D90600 .text C:\WINDOWS\notepad.exe[3892] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003201F8 .text C:\WINDOWS\notepad.exe[3892] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\WINDOWS\notepad.exe[3892] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003203FC .text C:\WINDOWS\notepad.exe[3892] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00B81014 .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00B80804 .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00B80A08 .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00B80C0C .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00B80E10 .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00B801F8 .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00B803FC .text C:\WINDOWS\notepad.exe[3892] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00B80600 .text C:\WINDOWS\notepad.exe[3892] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00BB0804 .text C:\WINDOWS\notepad.exe[3892] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00BB0A08 .text C:\WINDOWS\notepad.exe[3892] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00BB0600 .text C:\WINDOWS\notepad.exe[3892] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 00BB01F8 .text C:\WINDOWS\notepad.exe[3892] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 00BB03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B0, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, B3, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, B0, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B1, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EDCA .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, B2, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B1, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, B2, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EE3B .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B0, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EF69 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B1, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, B2, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, B3, 17, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 005A01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 005A03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 008E1014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 008E0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 008E0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 008E0C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 008E0E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 008E01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 008E03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 008E0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 010C0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 010C0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 010C0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 010C01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 010C03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, A4, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, A7, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, A4, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, A5, D9, 00] {TEST AL, 0xa5; FLD DWORD [EAX]} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91AFBE .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, A6, D9, 00] {TEST AL, 0xa6; FLD DWORD [EAX]} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, A5, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, A6, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91B02F .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, A4, D9, 00] {TEST AL, 0xa4; FLD DWORD [EAX]} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91B15D .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, A5, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, A6, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, A7, D9, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 010801F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 010803FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 013C1014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 013C0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 013C0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 013C0C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 013C0E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 013C01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 013C03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 013C0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01BA0804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01BA0A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01BA0600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 01BA01F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 01BA03FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 8C, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 8F, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 8C, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 8D, 76, 00] {TEST AL, 0x8d; JBE 0x4} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B914CA6 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 8E, 76, 00] {TEST AL, 0x8e; JBE 0x4} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 8D, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 8E, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B914D17 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 8C, 76, 00] {TEST AL, 0x8c; JBE 0x4} .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B914E45 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 8D, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 8E, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 8F, 76, 00] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00A501F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00A503FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00D91014 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00D90804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00D90A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00D90C0C .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00D90E10 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00D901F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00D903FC .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00D90600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01570804 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01570A08 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01570600 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 015701F8 .text C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 015703FC .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8 .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62] .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62] .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 02441014 .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 02440804 .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 02440A08 .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 02440C0C .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 02440E10 .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 024401F8 .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 024403FC .text C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe[4032] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 02440600 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6D0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[992] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00940010 IAT C:\WINDOWS\system32\services.exe[1008] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002 IAT C:\WINDOWS\system32\services.exe[1008] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1340] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 006A0010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1796] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00690010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00690010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2992] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3300] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00A90010 IAT C:\Program Files\AVAST Software\Avast\avastUI.exe[3392] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6D0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3476] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 01070010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3956] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002B0010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3960] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00ED0010 IAT C:\Documents and Settings\Ola\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3980] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 008B0010 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation) AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----