GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-09-27 11:16:37 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD1600BEVS-08RST2 rev.08.01G08 149,05GB Running: 9x7unw4i.exe; Driver: C:\DOCUME~1\UNIDROG\USTAWI~1\Temp\uxtdypow.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0x9F341004] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0x9F3410D4] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0x9F340D76] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0x9F340E1E] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0x9F340EBA] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0x9F340F56] ---- User code sections - GMER 2.1 ---- .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[764] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [18, 10, C4, 01] {SBB [EAX], DL; LES EAX, [ECX]} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[764] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 28, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 2B, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 28, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 29, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B916642 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 2A, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 29, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 2A, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9166B3 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 28, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9167E1 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 29, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 2A, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 2B, 90, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[876] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 18, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 1B, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 18, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 19, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B917832 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 1A, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 19, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 1A, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9178A3 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 18, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9179D1 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 19, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 1A, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 1B, A2, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1328] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 14, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 17, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 14, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 15, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC2E .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 16, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 15, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 16, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC9F .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 14, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDCD .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 15, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 16, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 17, 16, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2164] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 60, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 63, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 60, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 61, 87, 00] {TEST AL, 0x61; XCHG [EAX], EAX} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B915D7A .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 62, 87, 00] {TEST AL, 0x62; XCHG [EAX], EAX} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 61, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 62, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B915DEB .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 60, 87, 00] {TEST AL, 0x60; XCHG [EAX], EAX} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B915F19 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 61, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 62, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 63, 87, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2696] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 40, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 43, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 40, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 41, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91255A .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 42, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 41, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 42, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9125CB .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 40, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9126F9 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 41, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 42, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 43, 4F, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2788] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 2C, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 2F, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 2C, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 2D, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B916846 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 2E, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 2D, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 2E, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9168B7 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 2C, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9169E5 .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 2D, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 2E, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 2F, 92, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3352] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 54, 84, 00] {SUB [ESP+EAX*4+0x0], DL} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 57, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 54, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 55, 84, 00] {TEST AL, 0x55; TEST [EAX], AL} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B915A6E .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 56, 84, 00] {TEST AL, 0x56; TEST [EAX], AL} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 55, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 56, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B915ADF .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 54, 84, 00] {TEST AL, 0x54; TEST [EAX], AL} .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B915C0D .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 55, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 56, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 57, 84, 00] .text C:\Documents and Settings\UNIDROG\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3612] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Devices - GMER 2.1 ---- AttachedDevice \FileSystem\Ntfs \Ntfs avgidsfilterx.sys AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys ---- Files - GMER 2.1 ---- ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP146\A0045183.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP146\A0045203.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP148\A0045349.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP149\A0045450.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP150\A0045571.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP151\A0045688.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP152\A0045811.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP154\A0045929.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP154\A0046288.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP156\A0046419.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP158\A0046531.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP158\A0046595.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP159\A0046799.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP161\A0046950.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP164\A0047117.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP165\A0047220.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP167\A0048330.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP168\A0048453.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP169\A0048552.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP169\A0049591.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0050632.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0050765.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0052072.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053114.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053198.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053274.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053351.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053535.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053615.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053704.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053781.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0053858.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054032.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054119.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054164.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054275.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054330.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054408.exe:BAK 22528 bytes executable ADS C:\System Volume Information\_restore{58C8DD6F-86B5-47E7-8F23-D69666B7C4DC}\RP170\A0054671.exe:BAK 22528 bytes executable ---- EOF - GMER 2.1 ----