GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-06-05 03:09:31 Windows 5.1.2600 Dodatek Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_SP0812N rev.TK100-30 74,56GB Running: 4psed794.exe; Driver: C:\DOCUME~1\Gracz\USTAWI~1\Temp\kwldapog.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\system32\DRIVERS\nv4_mini.sys section is writeable [0xF62CE360, 0x307F47, 0xE8000020] ---- User code sections - GMER 2.1 ---- .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1256] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1492] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9 .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00] .text C:\Documents and Settings\Gracz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3328] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- Registry - GMER 2.1 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ... Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ... Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ... Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x6B 0x65 0x49 0x6A ... Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ... Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ... Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ... Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ... Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ... Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ... Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ... Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32 Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A24CC54-68AB-0858-7115-F81827457CD6} ---- EOF - GMER 2.1 ----