GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-22 13:55:59
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP1634N rev.UZ100-04 149,05GB
Running: q7swyhve.exe; Driver: C:\DOCUME~1\User\USTAWI~1\Temp\pxldqpog.sys

---- System - GMER 2.1 ----

SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAddBootEntry [0xB1CCDAC4]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwAllocateVirtualMemory [0xB1FD50BA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0xB1CCE5A2]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwClose [0xB1D145A0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEvent [0xB1CDA63C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEventPair [0xB1CDA688]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0xB1CDA822]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateKey [0xB1D13F54]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateMutant [0xB1CDA5AA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateSection [0xB1CDA6CC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateSemaphore [0xB1CDA5F2]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateThread [0xB1CCEAD8]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateTimer [0xB1CDA7DC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0xB1CCF390]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0xB1CCDB2A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteKey [0xB1D14C66]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteValueKey [0xB1D14F1C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDuplicateObject [0xB1CD2B86]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwEnumerateKey [0xB1D14AD1]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwEnumerateValueKey [0xB1D1493C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwLoadDriver [0xB1CCD716]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwMapViewOfSection [0xB1FD5574]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwModifyBootEntry [0xB1CCDB90]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0xB1CD2F7C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0xB1CCFE78]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEvent [0xB1CDA666]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEventPair [0xB1CDA6AA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0xB1CDA846]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenKey [0xB1D142B0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenMutant [0xB1CDA5D0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenProcess [0xB1CD247E]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSection [0xB1CDA75A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSemaphore [0xB1CDA61A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenThread [0xB1CD286A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenTimer [0xB1CDA800]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0xB1FD5312]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryKey [0xB1D147B7]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryObject [0xB1CCFCEC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryValueKey [0xB1D14609]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueueApcThread [0xB1CCF842]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwRenameKey [0xB1FE3358]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwReplaceKey [0xB1FE3CC4]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwRestoreKey [0xB1D13597]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0xB1CCDBF6]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootOptions [0xB1CCDC5C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetContextThread [0xB1CCF20A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemInformation [0xB1CCD7B0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0xB1CCD982]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetValueKey [0xB1D14D6D]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwShutdownSystem [0xB1CCD910]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendProcess [0xB1CCF55A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendThread [0xB1CCF6BC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSystemDebugControl [0xB1CCDA0A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwTerminateProcess [0xB1CCF048]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwTerminateThread [0xB1CCF1EA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwVdmControl [0xB1CCDCC2]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwWriteVirtualMemory [0xB1CCE5FE]

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2D5C 80504644 8 Bytes JMP A7DCB1CC
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD4 805048BC 12 Bytes [F6, DB, CC, B1, 5C, DC, CC, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 307C 80504964 12 Bytes [5A, F5, CC, B1, BC, F6, CC, ...]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6FD53C0, 0x84E2FA, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\AVAST Software\Avast\afwServ.exe[208] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[888] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!SetScrollInfo 7E369056 5 Bytes JMP 00505F4C C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!GetScrollInfo 7E37DFE2 5 Bytes JMP 00505EA8 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!ShowScrollBar 7E37F2F2 5 Bytes JMP 00505EDB C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!GetScrollPos 7E37F704 5 Bytes JMP 00505E83 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!SetScrollPos 7E37F750 5 Bytes JMP 00505E26 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!GetScrollRange 7E37F787 5 Bytes JMP 00505E4B C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!SetScrollRange 7E37F99B 5 Bytes JMP 00505F15 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1536] USER32.dll!EnableScrollBar 7E3B8005 5 Bytes JMP 00505F80 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1968] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [18, 20, C4, 01] {SBB [EAX], AH; LES EAX, [ECX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003C01F8
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2440] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003C03FC
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 54, D2, 00] {SUB [EDX+EDX*8+0x0], DL}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 57, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 54, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 55, D2, 00] {TEST AL, 0x55; ROL [EAX], CL}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91A86E
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 56, D2, 00] {TEST AL, 0x56; ROL [EAX], CL}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 55, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 56, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91A8DF
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 54, D2, 00] {TEST AL, 0x54; ROL [EAX], CL}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91AA0D
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 55, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 56, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 57, D2, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00FF01F8
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2504] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00FF03FC
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, DC, 8D, 00] {SUB AH, BL; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, DF, 8D, 00] {SUB BH, BL; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, DC, 8D, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, DD, 8D, 00] {TEST AL, 0xdd; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9163F6
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, DE, 8D, 00] {TEST AL, 0xde; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, DD, 8D, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, DE, 8D, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B916467
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, DC, 8D, 00] {TEST AL, 0xdc; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B916595
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, DD, 8D, 00] {SUB CH, BL; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, DE, 8D, 00] {SUB DH, BL; LEA EAX, [EAX]}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, DF, 8D, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00BB01F8
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3004] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00BB03FC
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 74, E7, 00] {SUB [EDI+0x0], DH}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 77, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 74, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 75, E7, 00] {TEST AL, 0x75; OUT 0x0, EAX}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91BD8E
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 76, E7, 00] {TEST AL, 0x76; OUT 0x0, EAX}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 75, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 76, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91BDFF
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 74, E7, 00] {TEST AL, 0x74; OUT 0x0, EAX}
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91BF2D
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 75, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 76, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 77, E7, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 011501F8
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3780] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 011503FC
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, A8, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, AB, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, A8, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, A9, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B910BC2
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, AA, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, A9, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, AA, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B910C33
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, A8, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B910D61
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, A9, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, AA, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, AB, 35, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 007101F8
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3936] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 007103FC
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, F8, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, FB, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, F8, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, F9, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90F612
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, FA, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, F9, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, FA, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90F683
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, F8, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90F7B1
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, F9, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, FA, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, FB, 1F, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003E01F8
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4164] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003E03FC
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, AC, AB, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, AF, AB, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, AC, AB, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, AD, AB, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9181C6
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, AE, AB, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, AD, AB, 00]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenThreadToken + 6
7C90D674 4 Bytes [68, AE, AB, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B918237 .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, AC, AB, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B918365 .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, AD, AB, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, AE, AB, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and 
Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, AF, AB, 00] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00D901F8 .text C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[5928] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00D903FC ---- User IAT/EAT - GMER 2.1 ---- IAT C:\WINDOWS\system32\services.exe[1172] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002 IAT C:\WINDOWS\system32\services.exe[1172] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000 ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\Tcpip \Device\Ip aswNdis2.sys AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.sys AttachedDevice \Driver\Tcpip \Device\Tcp aswNdis2.sys AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.sys AttachedDevice \Driver\Tcpip \Device\Udp aswNdis2.sys AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.sys AttachedDevice \Driver\Tcpip \Device\RawIp aswNdis2.sys AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.sys AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys ---- EOF - GMER 2.1 ----