GMER 2.1.19155 - http://www.gmer.net Rootkit scan 2013-03-17 13:05:30 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\00000067 WDC_WD32 rev.01.0 298,09GB Running: 0rv7eive.exe; Driver: C:\Users\Kaja\AppData\Local\Temp\kxliapow.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x9022859C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x924E2388] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0x9022902E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x902347F2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x9023483E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x902349D8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x90234760] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x924E2720] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x902347A8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0x9022952C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThreadEx [0x90229748] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x90234992] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0x90229DE4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x90228602] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0x9022D5C2] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x924E2450] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x924E09B4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x90228668] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x9022D98C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x9022A874] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x9023481C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x90234860] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x902349FC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x90234786] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0x9022CEA8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x90234910] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x902347D0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0x9022D29A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x902349B6] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! 
self protection module/AVAST Software) ZwProtectVirtualMemory [0x924E25B0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x9022A740] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThreadEx [0x9022A44E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x902286CE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x90228734] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0x90229C5E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x90228284] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x9022845A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x902283E8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0x90229FAE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0x9022A110] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x902284E2] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwTerminateProcess [0x924E2678] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0x90229C3E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwUnloadDriver [0x924E09E4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x9022879A] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! 
self protection module/AVAST Software) ZwWriteVirtualMemory [0x924E24FC] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x924FBBA0] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82C5B9E9 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C951C2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82C9C1E0 4 Bytes [9C, 85, 22, 90] {PUSHF ; TEST [EDX], ESP; NOP } .text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82C9C208 4 Bytes [88, 23, 4E, 92] {MOV [EBX], AH; DEC ESI; XCHG EDX, EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82C9C268 4 Bytes [2E, 90, 22, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82C9C2BC 8 Bytes [F2, 47, 23, 90, 3E, 48, 23, ...] {INC EDI; AND EDX, [EAX-0x6fdcb7c2]} .text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82C9C2C8 4 Bytes [D8, 49, 23, 90] {FMUL DWORD [ECX+0x23]; NOP } .text ... PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82E29C6B 5 Bytes JMP 924F8A3A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject + 27 82E42280 5 Bytes JMP 924FA56C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E573C7 4 Bytes CALL 9022AF37 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E711B0 4 Bytes CALL 9022AF4D \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 82EFB008 7 Bytes JMP 924FBBA4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! 
self protection module/AVAST Software) .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9282D000, 0x35356D, 0xE8000020] PAGE peauth.sys 9E766B9B 72 Bytes JMP D98DBC73 ---- User code sections - GMER 2.1 ---- .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001E03FC .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001E01F8 .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00200A08 .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 002003FC .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00200804 .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 002001F8 .text C:\Users\Kaja\Downloads\0rv7eive.exe[176] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00200600 .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[344] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[428] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\csrss.exe[452] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe[460] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Bonjour\mDNSResponder.exe[532] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text ... 
.text C:\Windows\system32\DllHost.exe[604] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Windows\system32\DllHost.exe[604] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Windows\system32\DllHost.exe[604] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\DllHost.exe[604] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 000F0A08 .text C:\Windows\system32\DllHost.exe[604] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 000F03FC .text C:\Windows\system32\DllHost.exe[604] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 000F0804 .text C:\Windows\system32\DllHost.exe[604] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 000F01F8 .text C:\Windows\system32\DllHost.exe[604] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 000F0600 .text C:\Windows\system32\lsass.exe[612] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\lsm.exe[620] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\winlogon.exe[648] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00100A08 .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001003FC .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00100804 .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001001F8 .text C:\Program Files\Sony\VAIO Care\VCAgent.exe[744] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00100600 .text 
C:\Windows\system32\svchost.exe[764] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[856] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\atiesrxx.exe[900] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[976] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[1024] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text ... .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, B4, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, B7, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, B4, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, B5, 21, 00] {TEST AL, 0xb5; AND [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, B6, 21, 00] {TEST AL, 0xb6; AND [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThread + 6 
77A75E0E 4 Bytes [68, B5, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, B6, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, B4, 21, 00] {TEST AL, 0xb4; AND [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, B5, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, B6, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, B7, 21, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 004103FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 004101F8 .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[1184] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!UnhookWindowsHookEx 7741ADF9 3 Bytes JMP 00420A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!UnhookWindowsHookEx + 4 7741ADFD 1 Byte [89] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!UnhookWinEvent 7741B750 3 Bytes JMP 004203FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!UnhookWinEvent + 4 7741B754 1 Byte [89] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00420804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 004201F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1184] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00420600 .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001E03FC .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001E01F8 .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001F03FC .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 001F0804 .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001F01F8 .text C:\Program Files\Sony\VAIO Care\listener.exe[1212] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 001F0600 .text C:\Windows\system32\svchost.exe[1216] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text 
C:\Windows\system32\atieclxx.exe[1276] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[1328] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1468] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1480] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\wbem\wmiprvse.exe[1540] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000703FC .text C:\Windows\system32\wbem\wmiprvse.exe[1540] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000701F8 .text C:\Windows\system32\wbem\wmiprvse.exe[1540] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\wbem\wmiprvse.exe[1540] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00090A08 .text C:\Windows\system32\wbem\wmiprvse.exe[1540] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 000903FC .text C:\Windows\system32\wbem\wmiprvse.exe[1540] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00090804 .text C:\Windows\system32\wbem\wmiprvse.exe[1540] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 000901F8 .text C:\Windows\system32\wbem\wmiprvse.exe[1540] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00090600 .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[1584] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\Dwm.exe[1656] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\System32\spoolsv.exe[1676] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[1736] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\Explorer.EXE[1740] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text ... 
.text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000F03FC .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000F01F8 .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00100A08 .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001003FC .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00100804 .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001001F8 .text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[1808] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00100600 .text C:\Windows\system32\taskhost.exe[1836] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, 18, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, 1B, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, 18, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, 19, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] 
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A854BC C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, 1A, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, 19, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, 1A, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A8554D C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, 18, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A8570B C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, 19, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, 1A, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, 1B, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 010303FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 010301F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 01040A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 010403FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 01040804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 010401F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[1948] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 01040600 .text C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe[1964] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program 
Files\AVAST Software\Avast\AvastUI.exe[2056] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\iTunes\iTunesHelper.exe[2088] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe[2120] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Windows Sidebar\sidebar.exe[2132] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text ... .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00100A08 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001003FC .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00100804 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001001F8 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2208] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00100600 .text C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe[2212] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[2332] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe[2412] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Program Files\Sony\VAIO 
Care\VCsystray.exe[2484] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00100A08 .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001003FC .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00100804 .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001001F8 .text C:\Program Files\Sony\VAIO Care\VCsystray.exe[2484] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00100600 .text C:\Windows\system32\taskeng.exe[2596] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2608] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2676] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes CALL 5AA656C1 C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll (Google Chrome/Google Inc.) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, EB, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes CALL 5AA65DD1 C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll (Google Chrome/Google Inc.) 
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes JMP 5AA65E81 C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll (Google Chrome/Google Inc.) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A84C8C C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes JMP E2FF00EE .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes JMP 5AA65F01 C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll (Google Chrome/Google Inc.) 
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes JMP E2FF00EE .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A84D1D C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes CALL 5AA66031 C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll (Google Chrome/Google Inc.) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A84EDB C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes JMP 5AA66731 C:\Program Files\Google\Chrome\Application\25.0.1364.152\chrome.dll (Google Chrome/Google Inc.) 
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes JMP E2FF00EE .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, EB, EE, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00F403FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00F401F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00F50A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00F503FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00F50804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00F501F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2740] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00F50600 .text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[2820] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2896] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2916] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte 
[62] .text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[2928] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, BC, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, BF, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, BC, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, BD, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A85560 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, BE, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, BD, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, BE, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A855F1 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, BC, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A857AF C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, BD, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, BE, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, BF, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text 
C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00FD03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00FD01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00FE0A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00FE03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00FE0804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00FE01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3160] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00FE0600 .text C:\Windows\system32\DllHost.exe[3232] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001703FC .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001701F8 .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00300A08 .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 003003FC .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00300804 .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 003001F8 .text C:\Program Files\Sony\VAIO Care\VCPerfService.exe[3256] USER32.dll!SetWindowsHookExA 77446D0C 5 
Bytes JMP 00300600 .text C:\Windows\system32\DllHost.exe[3464] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, F0, 7F, 00] {SUB AL, DH; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, F3, 7F, 00] {SUB BL, DH; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, F0, 7F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, F1, 7F, 00] {TEST AL, 0xf1; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, F2, 7F, 00] {TEST AL, 0xf2; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, F1, 7F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, F2, 7F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] 
ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, F0, 7F, 00] {TEST AL, 0xf0; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, F1, 7F, 00] {SUB CL, DH; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, F2, 7F, 00] {SUB DL, DH; JG 0x4} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, F3, 7F, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 009C03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 009C01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 009D0A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 
009D03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 009D0804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 009D01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3500] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 009D0600 .text C:\Windows\system32\svchost.exe[3508] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001203FC .text C:\Windows\system32\svchost.exe[3508] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001201F8 .text C:\Windows\system32\svchost.exe[3508] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[3508] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00240A08 .text C:\Windows\system32\svchost.exe[3508] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 002403FC .text C:\Windows\system32\svchost.exe[3508] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00240804 .text C:\Windows\system32\svchost.exe[3508] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 002401F8 .text C:\Windows\system32\svchost.exe[3508] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00240600 .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 000F0A08 .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 000F03FC .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 000F0804 .text C:\Program Files\Sony\VAIO Care\VCService.exe[3544] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 000F01F8 .text C:\Program 
Files\Sony\VAIO Care\VCService.exe[3544] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 000F0600 .text C:\Program Files\iPod\bin\iPodService.exe[3564] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[3640] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[3684] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, BC, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, BF, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, BC, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, BD, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A80160 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, BE, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text 
C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, BD, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, BE, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A801F1 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, BC, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A803AF C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, BD, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, BE, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, BF, A3, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00B403FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00B401F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00B50A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00B503FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00B50804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00B501F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3784] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00B50600 .text C:\Windows\system32\SearchIndexer.exe[3916] kernel32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\System32\vds.exe[4208] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000703FC .text C:\Windows\System32\vds.exe[4208] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000701F8 .text C:\Windows\System32\vds.exe[4208] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\System32\vds.exe[4208] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00080A08 .text C:\Windows\System32\vds.exe[4208] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 000803FC .text C:\Windows\System32\vds.exe[4208] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00080804 .text C:\Windows\System32\vds.exe[4208] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 000801F8 .text 
C:\Windows\System32\vds.exe[4208] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00080600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, 08, 8B, 00] {SUB [EAX], CL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, 0B, 8B, 00] {SUB [EBX], CL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, 08, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, 09, 8B, 00] {TEST AL, 0x9; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, 0A, 8B, 00] {TEST AL, 0xa; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, 09, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, 0A, 8B, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, 08, 8B, 00] {TEST AL, 0x8; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, 09, 8B, 00] {SUB [ECX], CL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, 0A, 8B, 00] {SUB [EDX], CL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, 0B, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00A903FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00A901F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00AA0A08 .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[4232] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00AA03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00AA0804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00AA01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4232] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00AA0600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, 98, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, 9B, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, 98, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, 99, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A81F3C C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, 9A, C1, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, 99, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, 9A, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A81FCD C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, 98, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A8218B C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, 99, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, 9A, C1, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, 9B, C1, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00CE03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00CE01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00DF0A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00DF03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00DF0804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00DF01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4344] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00DF0600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, 94, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, 97, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, 94, F7, 00] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, 95, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A85538 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, 96, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, 95, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, 96, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A855C9 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, 94, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] 
ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A85787 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, 95, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, 96, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, 97, F7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 010403FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 010401F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 01050A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 010503FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 01050804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] 
USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 010501F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[4392] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 01050600 .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001E03FC .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001E01F8 .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001F03FC .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 001F0804 .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001F01F8 .text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4396] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 001F0600 .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 002E03FC .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 002E01F8 .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00310A08 .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 003103FC .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00310804 .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] USER32.dll!SetWinEventHook 
774224DC 5 Bytes JMP 003101F8 .text C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4500] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00310600 .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000703FC .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000701F8 .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00080A08 .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 000803FC .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00080804 .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 000801F8 .text C:\Program Files\Sony\VAIO Smart Network\VSNService.exe[4536] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00080600 .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000703FC .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000701F8 .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001F03FC .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 001F0804 .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] USER32.dll!SetWinEventHook 774224DC 5 
Bytes JMP 001F01F8 .text C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe[4708] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 001F0600 .text C:\Windows\system32\taskeng.exe[4808] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Windows\system32\taskeng.exe[4808] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Windows\system32\taskeng.exe[4808] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\taskeng.exe[4808] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00130A08 .text C:\Windows\system32\taskeng.exe[4808] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001303FC .text C:\Windows\system32\taskeng.exe[4808] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00130804 .text C:\Windows\system32\taskeng.exe[4808] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001301F8 .text C:\Windows\system32\taskeng.exe[4808] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00130600 .text C:\Windows\System32\svchost.exe[5068] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001203FC .text C:\Windows\System32\svchost.exe[5068] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001201F8 .text C:\Windows\System32\svchost.exe[5068] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[5068] user32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00190A08 .text C:\Windows\System32\svchost.exe[5068] user32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001903FC .text C:\Windows\System32\svchost.exe[5068] user32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00190804 .text C:\Windows\System32\svchost.exe[5068] user32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001901F8 .text C:\Windows\System32\svchost.exe[5068] user32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00190600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, 64, D9, 00] {SUB [ECX+EBX*8+0x0], AH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtCreateFile + B 
77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, 67, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, 64, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, 65, D9, 00] {TEST AL, 0x65; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A83708 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, 66, D9, 00] {TEST AL, 0x66; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, 65, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, 66, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232]
ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A83799 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, 64, D9, 00] {TEST AL, 0x64; FLD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A83957 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, 65, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, 66, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, 67, D9, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00DF03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00DF01F8 .text C:\Program
Files\Google\Chrome\Application\chrome.exe[5232] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00E00A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00E003FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00E00804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00E001F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5232] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00E00600 .text C:\Windows\system32\wbem\wmiprvse.exe[5236] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Windows\system32\wbem\wmiprvse.exe[5236] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Windows\system32\wbem\wmiprvse.exe[5236] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\system32\wbem\wmiprvse.exe[5236] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00100A08 .text C:\Windows\system32\wbem\wmiprvse.exe[5236] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001003FC .text C:\Windows\system32\wbem\wmiprvse.exe[5236] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00100804 .text C:\Windows\system32\wbem\wmiprvse.exe[5236] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001001F8 .text C:\Windows\system32\wbem\wmiprvse.exe[5236] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00100600 .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000803FC .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000801F8 .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] USER32.dll!UnhookWindowsHookEx 
7741ADF9 5 Bytes JMP 00210A08 .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 002103FC .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00210804 .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 002101F8 .text C:\Program Files\Sony\VAIO Update\VUAgent.exe[5348] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00210600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, 6C, A5, 00] {SUB [EBP+0x0], CH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, 6F, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, 6C, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, 6D, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A80310 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, 6E, A5, 00] .text C:\Program
Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, 6D, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, 6E, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A803A1 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, 6C, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A8055F C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, 6D, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes [28, 6E, A5, 00] .text C:\Program
Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, 6F, A5, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00B603FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00B601F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00B70A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00B703FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00B70804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00B701F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5448] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00B70600 .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001E03FC .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001E01F8 .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 
001F03FC .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 001F0804 .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001F01F8 .text C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe[5512] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 001F0600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtCreateFile + 6 77A755CE 4 Bytes [28, D0, CD, 00] {SUB AL, DL; INT 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtCreateFile + B 77A755D3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtMapViewOfSection + 6 77A75C2E 4 Bytes [28, D3, CD, 00] {SUB BL, DL; INT 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtMapViewOfSection + B 77A75C33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenFile + 6 77A75CDE 4 Bytes [68, D0, CD, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenFile + B 77A75CE3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenProcess + 6 77A75D8E 4 Bytes [A8, D1, CD, 00] {TEST AL, 0xd1; INT 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenProcess + B 77A75D93 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenProcessToken + 6 77A75D9E 4 Bytes CALL 76A82B74 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenProcessToken + B 77A75DA3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenProcessTokenEx + 6 77A75DAE 4 Bytes [A8, D2, CD, 00] {TEST AL, 0xd2; INT 0x0} .text C:\Program
Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenProcessTokenEx + B 77A75DB3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenThread + 6 77A75E0E 4 Bytes [68, D1, CD, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenThread + B 77A75E13 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenThreadToken + 6 77A75E1E 4 Bytes [68, D2, CD, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenThreadToken + B 77A75E23 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenThreadTokenEx + 6 77A75E2E 4 Bytes CALL 76A82C05 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtOpenThreadTokenEx + B 77A75E33 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtQueryAttributesFile + 6 77A75F3E 4 Bytes [A8, D0, CD, 00] {TEST AL, 0xd0; INT 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtQueryAttributesFile + B 77A75F43 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtQueryFullAttributesFile + 6 77A75FEE 4 Bytes CALL 76A82DC3 C:\Windows\system32\SHELL32.dll (Wspólna biblioteka DLL Powłoki systemu Windows/Microsoft Corporation) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtQueryFullAttributesFile + B 77A75FF3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtSetInformationFile + 6 77A7663E 4 Bytes [28, D1, CD, 00] {SUB CL, DL; INT 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtSetInformationFile + B 77A76643 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtSetInformationThread + 6 77A7669E 4 Bytes
[28, D2, CD, 00] {SUB DL, DL; INT 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtSetInformationThread + B 77A766A3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtUnmapViewOfSection + 6 77A769BE 4 Bytes [68, D3, CD, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!NtUnmapViewOfSection + B 77A769C3 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 00EE03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 00EE01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00EF0A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 00EF03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00EF0804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 00EF01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[5904] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00EF0600 .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000D03FC .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000D01F8 .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 000F0A08 .text 
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 000F03FC .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 000F0804 .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 000F01F8 .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5908] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 000F0600 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 000E03FC .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 000E01F8 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00110A08 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001103FC .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00110804 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001101F8 .text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5972] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00110600 .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001E03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001E01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program 
Files\Google\Chrome\Application\chrome.exe[6108] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 001F03FC .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 001F0804 .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 001F01F8 .text C:\Program Files\Google\Chrome\Application\chrome.exe[6108] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 001F0600 .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] ntdll.dll!LdrUnloadDll 77A8C86E 5 Bytes JMP 001E03FC .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] ntdll.dll!LdrLoadDll 77A9223E 5 Bytes JMP 001E01F8 .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] KERNEL32.dll!GetBinaryTypeW + 70 76D569F4 1 Byte [62] .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] USER32.dll!UnhookWindowsHookEx 7741ADF9 5 Bytes JMP 00210A08 .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] USER32.dll!UnhookWinEvent 7741B750 5 Bytes JMP 002103FC .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] USER32.dll!SetWindowsHookExW 7741E30C 5 Bytes JMP 00210804 .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] USER32.dll!SetWinEventHook 774224DC 5 Bytes JMP 002101F8 .text C:\Program Files\Sony\VAIO Care\Admload.exe[6128] USER32.dll!SetWindowsHookExA 77446D0C 5 Bytes JMP 00210600 ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1480] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7221FC70] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) IAT C:\Program Files\AVAST Software\Avast\AvastUI.exe[2056] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7221FC70] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) ---- Devices - GMER 2.1 
---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\BTHUSB \Device\00000079 bthport.sys (Sterownik magistrali Bluetooth/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\BTHUSB \Device\0000007b bthport.sys (Sterownik magistrali Bluetooth/Microsoft Corporation) ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9cf24a8 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ec55f9cf24a8 (not active ControlSet) ---- EOF - GMER 2.1 ----