GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-02-08 23:45:55 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-7 WDC_WD5000AAKS-00D2B0 rev.12.01C02 Running: x6lx82e4.exe; Driver: C:\DOCUME~1\QWERTY\USTAWI~1\Temp\ugtdqpog.sys ---- System - GMER 1.0.15 ---- SSDT spse.sys ZwCreateKey [0xB7EB50E0] SSDT spse.sys ZwEnumerateKey [0xB7ECDDA4] SSDT spse.sys ZwEnumerateValueKey [0xB7ECE132] SSDT spse.sys ZwOpenKey [0xB7EB50C0] SSDT spse.sys ZwQueryKey [0xB7ECE20A] SSDT spse.sys ZwQueryValueKey [0xB7ECE08A] SSDT spse.sys ZwSetValueKey [0xB7ECE29C] INT 0x62 ? 8AED5BF8 INT 0x63 ? 8AC85CD8 INT 0x63 ? 8AC85CD8 INT 0x63 ? 8AC85CD8 INT 0x73 ? 8AED5BF8 INT 0x73 ? 8AED5BF8 INT 0x82 ? 8AED5BF8 INT 0x83 ? 8AC85CD8 INT 0x83 ? 8AC85CD8 INT 0x83 ? 8AC85CD8 INT 0xA4 ? 8AC85CD8 INT 0xB4 ? 8AC85CD8 ---- Kernel code sections - GMER 1.0.15 ---- ? spse.sys Nie można odnaleźć określonego pliku. ! .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB34D0360, 0x3D46A5, 0xE8000020] .text USBPORT.SYS!DllUnload B34938AC 5 Bytes JMP 8AC852B8 .text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xAFE29300, 0x3B6D8, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xB8480300, 0x1BEE, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90ECFC .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90ED6D .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EE9B .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1536] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90ECFC .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90ED6D .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EE9B .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[1552] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90ECFC .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90ED6D .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EE9B .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2136] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90ECFC .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90ED6D .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EE9B .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[2848] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90ECFC .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90ED6D .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EE9B .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3568] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90ECFC .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90ED6D .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90EE9B .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 17, 00] .text C:\Documents and Settings\QWERTY\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe[3968] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7EB6042] spse.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7EB613E] spse.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7EB60C0] spse.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7EB6800] spse.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7EB66D6] spse.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B7EC5B90] spse.sys ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8AED41F8 Device \Driver\usbohci \Device\USBPDO-0 8AC86500 Device \Driver\dmio \Device\DmControl\DmIoDaemon 8AF491F8 Device \Driver\dmio \Device\DmControl\DmConfig 8AF491F8 Device \Driver\dmio \Device\DmControl\DmPnP 8AF491F8 Device \Driver\dmio \Device\DmControl\DmInfo 8AF491F8 Device \Driver\usbohci \Device\USBPDO-1 8AC86500 Device \Driver\usbehci \Device\USBPDO-2 8AC25500 Device \Driver\NetBT \Device\NetBT_Tcpip_{600BB0E7-5318-4C2B-A301-B6994EC1D42A} 8A3401F8 Device \Driver\usbohci \Device\USBPDO-3 8AC86500 Device \Driver\usbohci \Device\USBPDO-4 8AC86500 AttachedDevice \Driver\Tcpip \Device\Tcp ABTDI.sys (ABTDI/ArcaBit) Device \Driver\usbehci \Device\USBPDO-5 8AC25500 Device \Driver\usbohci \Device\USBPDO-6 8AC86500 Device \Driver\Ftdisk \Device\HarddiskVolume1 8AED61F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 8AED61F8 Device \Driver\Cdrom \Device\CdRom0 8AC95500 Device \Driver\atapi \Device\Ide\IdePort0 [B7E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [B7E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort2 [B7E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort3 [B7E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 [B7E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7 [B7E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\Ftdisk \Device\HarddiskVolume3 8AED61F8 Device \Driver\Ftdisk \Device\HarddiskVolume4 8AED61F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 8A3401F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{7777A87C-EEB9-4C02-B8F5-4A0C173E3EA7} 8A3401F8 Device \Driver\NetBT \Device\NetbiosSmb 8A3401F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{33FCD612-12C5-484E-89A0-568AF3628B32} 8A3401F8 Device \Driver\usbohci \Device\USBFDO-0 8AC86500 Device \Driver\usbohci \Device\USBFDO-1 8AC86500 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A32F500 Device \Driver\usbehci \Device\USBFDO-2 8AC25500 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A32F500 Device \Driver\usbohci \Device\USBFDO-3 8AC86500 Device \Driver\usbohci \Device\USBFDO-4 8AC86500 Device \Driver\Ftdisk \Device\FtControl 8AED61F8 Device \Driver\usbehci \Device\USBFDO-5 8AC25500 Device \Driver\usbohci \Device\USBFDO-6 8AC86500 Device \FileSystem\Cdfs \Cdfs 8ACFF500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB2 0x5D 0xEC 0xE3 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0x8A 0xA8 0x24 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7C 0xF4 0x82 0x10 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x35 0xA1 0x67 0x62 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xB2 0x5D 0xEC 0xE3 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0x8A 0xA8 0x24 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7C 0xF4 0x82 0x10 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x35 0xA1 0x67 0x62 ... ---- EOF - GMER 1.0.15 ----