GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-07-22 15:02:19 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.01.0 Running: 3n3s4xvy.exe; Driver: C:\DOCUME~1\Klaudia1\USTAWI~1\Temp\pwldqpog.sys ---- System - GMER 1.0.15 ---- SSDT spbx.sys ZwCreateKey [0xF734F0E0] SSDT spbx.sys ZwEnumerateKey [0xF7367DA4] SSDT spbx.sys ZwEnumerateValueKey [0xF7368132] SSDT spbx.sys ZwOpenKey [0xF734F0C0] SSDT spbx.sys ZwQueryKey [0xF736820A] SSDT spbx.sys ZwQueryValueKey [0xF736808A] SSDT spbx.sys ZwSetValueKey [0xF736829C] INT 0x73 ? 86D6ABF8 INT 0x84 ? 8624EBF8 INT 0x94 ? 8624EBF8 INT 0xA4 ? 8624EBF8 INT 0xB4 ? 8624EBF8 ---- Kernel code sections - GMER 1.0.15 ---- ? spbx.sys Nie można odnaleźć określonego pliku. ! .text USBPORT.SYS!DllUnload F5BBE934 5 Bytes JMP 8624E1D8 ---- User code sections - GMER 1.0.15 ---- .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 28, 00] {SUB [EAX], AL; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 28, 00] {SUB [EBX], AL; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 28, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 28, 00] {TEST AL, 0x1; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90FE1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 28, 00] {TEST AL, 0x2; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 28, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 28, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90FE8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 28, 00] {TEST AL, 0x0; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90FFB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 28, 00] {SUB [ECX], AL; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 28, 00] {SUB [EDX], AL; SUB [EAX], AL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 28, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90F51A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90F58B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90F6B9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 1F, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912A1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912A8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912BB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 54, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 29, 00] {SUB [EAX], AL; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 29, 00] {SUB [EBX], AL; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 29, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 29, 00] {TEST AL, 0x1; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90FF1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 29, 00] {TEST AL, 0x2; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 29, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 29, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90FF8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 29, 00] {TEST AL, 0x0; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9100B9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 29, 00] {SUB [ECX], AL; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 29, 00] {SUB [EDX], AL; SUB [EAX], EAX} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 29, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\WINDOWS\Explorer.EXE[1940] SHELL32.dll!StrStrW 7C9CCE5C 4 Bytes [E0, 28, 00, 10] {LOOPNZ 0x2a; ADD [EAX], DL} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90FC1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90FC8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90FDB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 26, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91031A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91038B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9104B9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 2D, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912B1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912B8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912CB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 3B, 00] {SUB [EAX], AL; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 3B, 00] {SUB [EBX], AL; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 3B, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 3B, 00] {TEST AL, 0x1; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91111A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 3B, 00] {TEST AL, 0x2; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 3B, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 3B, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91118B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 3B, 00] {TEST AL, 0x0; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9112B9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 3B, 00] {SUB [ECX], AL; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 3B, 00] {SUB [EDX], AL; CMP EAX, [EAX]} .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 3B, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Programy\Gadu-Gadu 10\gg.exe[3932] USER32.dll!BeginPaint 7E378FE9 5 Bytes JMP 10539EA0 C:\Programy\Gadu-Gadu 10\QtWebKit4.dll .text C:\Programy\Gadu-Gadu 10\gg.exe[3932] USER32.dll!EndPaint 7E378FFD 5 Bytes JMP 10539F10 C:\Programy\Gadu-Gadu 10\QtWebKit4.dll .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912B1A .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912B8B .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912CB9 .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 55, 00] .text C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F735FB90] spbx.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[168] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003F0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[540] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00360010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1436] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 006B0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00540010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1920] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010 IAT C:\WINDOWS\Explorer.EXE[1940] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001F00] C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.) IAT C:\WINDOWS\Explorer.EXE[1940] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [10002AC0] C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.) IAT C:\WINDOWS\Explorer.EXE[1940] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.) IAT C:\WINDOWS\Explorer.EXE[1940] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CopyFileExW] [10001F70] C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.) IAT C:\WINDOWS\Explorer.EXE[1940] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002E10] C:\Program Files\EgisTec MyWinLocker\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.) IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2680] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003C0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2896] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00580010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2968] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 006C0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3316] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 003E0010 IAT C:\Documents and Settings\Klaudia1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[4080] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 006C0010 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 86D691F8 AttachedDevice \FileSystem\Ntfs \Ntfs mwlPSDFilter.sys (PSD Filter Driver/Egis Incorporated.) Device \FileSystem\Fastfat \FatCdrom 860281F8 AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation) Device \Driver\usbehci \Device\USBPDO-0 862371F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{B64124A8-0FB5-473D-B1C4-1FECF9022F6D} 853DF1F8 Device \Driver\usbuhci \Device\USBPDO-1 861831F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{02BE8202-89BE-4E34-A1FB-35C1FE2C5CA5} 853DF1F8 Device \Driver\usbuhci \Device\USBPDO-2 861831F8 Device \Driver\usbuhci \Device\USBPDO-3 861831F8 Device \Driver\usbuhci \Device\USBPDO-4 861831F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 86DDA1F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 86DDA1F8 Device \Driver\iaStor \Device\Ide\iaStor0 [F7247650] iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [F7247650] iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\Ftdisk \Device\HarddiskVolume3 86DDA1F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 853DF1F8 Device \Driver\NetBT \Device\NetbiosSmb 853DF1F8 Device \Driver\usbuhci \Device\USBFDO-0 861831F8 Device \Driver\usbuhci \Device\USBFDO-1 861831F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 853DE1F8 Device \Driver\usbuhci \Device\USBFDO-2 861831F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 853DE1F8 Device \Driver\usbuhci \Device\USBFDO-3 861831F8 Device \Driver\usbehci \Device\USBFDO-4 862371F8 Device \Driver\Ftdisk \Device\FtControl 86DDA1F8 Device \FileSystem\Fastfat \Fat 860281F8 Device \FileSystem\Cdfs \Cdfs 86270500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x79 0x3E 0x02 0x35 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x52 0x82 0x39 0x84 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x6C 0xC0 0xCF 0x47 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x96 0x54 0x38 0x26 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._Kazimierz_Napiˇrkows\OpenWithProgids@_Kazimierz_Napi\x2c7rkows_auto_file ---- EOF - GMER 1.0.15 ----