GMER 1.0.15.15627 - http://www.gmer.net
Rootkit scan 2011-05-29 09:35:56
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.AH30
Running: cfzr6ipg.exe; Driver: C:\DOCUME~1\hp\USTAWI~1\Temp\uxtdqpow.sys

---- System - GMER 1.0.15 ----

SSDT 87B53C90 ZwAssignProcessToJobObject
SSDT 87B54200 ZwDebugActiveProcess
SSDT 87B542F0 ZwDuplicateObject
SSDT 87B53590 ZwOpenProcess
SSDT 87B53800 ZwOpenThread
SSDT 87B53FD0 ZwProtectVirtualMemory
SSDT 87B540E0 ZwQueueApcThread
SSDT 87B53EC0 ZwSetContextThread
SSDT 87B53D90 ZwSetInformationThread
SSDT 87B50DA0 ZwSetSecurityObject
SSDT 87B53B90 ZwSuspendProcess
SSDT 87B53A80 ZwSuspendThread
SSDT 87B536E0 ZwTerminateProcess
SSDT 87B53A50 ZwTerminateThread
SSDT 87B546D0 ZwWriteVirtualMemory

Code \??\C:\DOCUME~1\hp\USTAWI~1\Temp\catchme.sys pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\Drivers\PROCEXP113.SYS Nie można odnaleźć określonego pliku. !
? C:\DOCUME~1\hp\USTAWI~1\Temp\catchme.sys Nie można odnaleźć określonego pliku. !

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1908] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[608] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[732] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3280] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\hp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3592] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
Device \Driver\iaStor \Device\Ide\iaStor0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- EOF - GMER 1.0.15 ----