Please check my log

A place for your HiJackThis logs and logs from other programs…


Re: Please check my log

Post by Bjarni » 02 Mar 2011 19:21

AVG is just a leftover from an uninstall.... Otherwise I ran that MBR program I saved to C:, but it just flashed and nothing happens....


Post by Bjarni » 02 Mar 2011 19:28

Now it did something... but it's not much... :


Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3250410AS rev.3.AAA -> Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-10

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 488397164 (+0): user != kernel
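The detector output above reports sector 0 and one sector near the end of the disk as reading differently from user mode than from kernel mode. That is the pattern of a bootkit that filters disk reads: ordinary tools are handed a clean-looking MBR while the sector really on disk differs. The Python below is an added example, not code from the thread or from GMER's detector. It reproduces that comparison on two constructed sector maps (the disk size, boot code bytes, partition layout and the "hidden" tail sector are all made up) and shows why comparing only the partition table would miss the infection, since a bootkit typically leaves the partition entries alone and replaces the boot code.

```python
"""User-mode vs kernel-mode sector comparison (added example, constructed data)."""
import struct

SECTOR_SIZE = 512
DISK_SECTORS = 488397168  # constructed total sector count (about 250 GB)


def build_mbr(boot_code: bytes, partitions) -> bytes:
    """Assemble a 512-byte MBR from boot code and (bootable, type, lba_start, count) tuples."""
    if len(boot_code) > 446:
        raise ValueError("boot code must fit in the first 446 bytes")
    sector = bytearray(SECTOR_SIZE)
    sector[: len(boot_code)] = boot_code
    for i, (bootable, type_id, start, count) in enumerate(partitions[:4]):
        off = 446 + 16 * i
        sector[off] = 0x80 if bootable else 0x00
        sector[off + 4] = type_id
        struct.pack_into("<II", sector, off + 8, start, count)
    sector[510:512] = b"\x55\xAA"  # boot signature
    return bytes(sector)


def parse_partition_table(sector: bytes):
    """Return the non-empty partition entries as (bootable, type, lba_start, count)."""
    entries = []
    for i in range(4):
        off = 446 + 16 * i
        type_id = sector[off + 4]
        if type_id == 0:
            continue
        start, count = struct.unpack_from("<II", sector, off + 8)
        entries.append((sector[off] == 0x80, type_id, start, count))
    return entries


def compare_sector(user: bytes, kernel: bytes, is_mbr: bool):
    """Describe how two reads of one sector differ; None when they match byte for byte."""
    if user == kernel:
        return None
    offsets = [i for i in range(SECTOR_SIZE) if user[i] != kernel[i]]
    detail = {"changed_bytes": len(offsets), "first_offset": offsets[0]}
    if is_mbr:  # name the MBR region(s) touched so the analyst sees what was swapped
        regions = set()
        for i in offsets:
            regions.add("boot code" if i < 446 else "partition table" if i < 510 else "signature")
        detail["regions"] = sorted(regions)
    return detail


def compare_views(user_view: dict, kernel_view: dict):
    """Both views map sector number -> 512 bytes. Return [(sector, detail)] for every mismatch."""
    findings = []
    for sector in sorted(set(user_view) | set(kernel_view)):
        u, k = user_view.get(sector), kernel_view.get(sector)
        if u is None or k is None:
            findings.append((sector, {"error": "sector present in only one view"}))
            continue
        detail = compare_sector(u, k, is_mbr=(sector == 0))
        if detail is not None:
            findings.append((sector, detail))
    return findings


def report(findings) -> list:
    """Render findings in the spirit of the detector verdict quoted in the thread."""
    if not findings:
        return ["user == kernel: no hidden sectors detected"]
    lines = ["user != kernel MBR !!!"] if any(s == 0 for s, _ in findings) else []
    for sector, d in findings:
        where = f" ({', '.join(d['regions'])})" if "regions" in d else ""
        lines.append(f"sector {sector}: user != kernel, {d.get('changed_bytes', '?')} bytes differ{where}")
    return lines


# Constructed sample: one bootable NTFS partition starting at LBA 63.
PARTITIONS = [(True, 0x07, 63, DISK_SECTORS - 63)]
CLEAN_BOOT_CODE = bytes([0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]) + b"\x00" * 100
PATCHED_BOOT_CODE = bytes([0xEB, 0x20, 0x90]) + b"\x00" * 104  # constructed filler, not real bootkit code

# What a filtered (user-mode) read returns versus what the driver (kernel-mode) really sees.
USER_VIEW = {0: build_mbr(CLEAN_BOOT_CODE, PARTITIONS),
             DISK_SECTORS - 4: b"\x00" * SECTOR_SIZE}
KERNEL_VIEW = {0: build_mbr(PATCHED_BOOT_CODE, PARTITIONS),
               DISK_SECTORS - 4: b"\xA5" * 64 + b"\x00" * (SECTOR_SIZE - 64)}

if __name__ == "__main__":
    for line in report(compare_views(USER_VIEW, KERNEL_VIEW)):
        print(line)
```

Both views carry the same partition table, so `parse_partition_table` alone would pass the disk as healthy; only the full-sector comparison exposes the replaced boot code and the non-empty tail sector that user mode cannot see. On a real system the two views come from a normal read of `\\.\PhysicalDrive0` and from a read issued below any filter driver, which is what the detector in the thread does and what this example only simulates.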


Post by bledulka » 02 Mar 2011 20:29

Hi, I'm filling in for a colleague. It looks like an MBR rootkit, we'll see :smile:

Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- save it to the desktop, double-click the program icon and run it
- choose the Start scan option - then confirm Start scan
- if the program finds an infected file, the preselected action Cure will be shown; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not ask for a restart, click the Report button. A log should pop up; copy it here.


Post by Bjarni » 02 Mar 2011 21:47

Hi, it didn't ask for anything at all, here is the log:


2011/03/02 21:46:54.0093 3796 TDSS rootkit removing tool 2.4.20.0 Mar 2 2011 10:44:30
2011/03/02 21:46:54.0484 3796 ================================================================================
2011/03/02 21:46:54.0484 3796 SystemInfo:
2011/03/02 21:46:54.0484 3796
2011/03/02 21:46:54.0484 3796 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/02 21:46:54.0484 3796 Product type: Workstation
2011/03/02 21:46:54.0484 3796 ComputerName: DOMA-B2388FEC57
2011/03/02 21:46:54.0484 3796 UserName: Ondřej
2011/03/02 21:46:54.0484 3796 Windows directory: C:\WINDOWS
2011/03/02 21:46:54.0484 3796 System windows directory: C:\WINDOWS
2011/03/02 21:46:54.0484 3796 Processor architecture: Intel x86
2011/03/02 21:46:54.0484 3796 Number of processors: 2
2011/03/02 21:46:54.0484 3796 Page size: 0x1000
2011/03/02 21:46:54.0484 3796 Boot type: Normal boot
2011/03/02 21:46:54.0484 3796 ================================================================================
2011/03/02 21:46:54.0609 3796 Initialize success
2011/03/02 21:47:01.0062 3160 ================================================================================
2011/03/02 21:47:01.0062 3160 Scan started
2011/03/02 21:47:01.0062 3160 Mode: Manual;
2011/03/02 21:47:01.0062 3160 ================================================================================
2011/03/02 21:47:01.0578 3160 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/02 21:47:01.0687 3160 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/03/02 21:47:01.0734 3160 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/03/02 21:47:01.0812 3160 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/03/02 21:47:01.0953 3160 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/03/02 21:47:02.0031 3160 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/02 21:47:02.0062 3160 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/02 21:47:02.0109 3160 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/02 21:47:02.0187 3160 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/02 21:47:02.0250 3160 azvusb (0a5e8178eff1d8f109a95235aeb7d76f) C:\WINDOWS\system32\DRIVERS\azvusb.sys
2011/03/02 21:47:02.0312 3160 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/02 21:47:02.0421 3160 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/02 21:47:02.0437 3160 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/02 21:47:02.0468 3160 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/02 21:47:02.0484 3160 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/02 21:47:02.0500 3160 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/02 21:47:02.0640 3160 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/02 21:47:02.0671 3160 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/02 21:47:02.0687 3160 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/02 21:47:02.0718 3160 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/02 21:47:02.0734 3160 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/02 21:47:02.0765 3160 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/02 21:47:02.0796 3160 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/03/02 21:47:02.0828 3160 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/03/02 21:47:02.0859 3160 epfwtdir (aa0667eb9a92414abb784c101a6c7fec) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/03/02 21:47:02.0875 3160 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/02 21:47:02.0906 3160 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/02 21:47:02.0906 3160 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/02 21:47:02.0921 3160 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/02 21:47:02.0937 3160 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/03/02 21:47:02.0953 3160 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/02 21:47:02.0968 3160 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/02 21:47:02.0984 3160 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/02 21:47:03.0015 3160 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/03/02 21:47:03.0031 3160 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/02 21:47:03.0093 3160 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/02 21:47:03.0140 3160 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/02 21:47:03.0296 3160 IntcAzAudAddService (1367a51bb535d2f76f642d4aade72aee) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/03/02 21:47:03.0375 3160 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/03/02 21:47:03.0375 3160 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/03/02 21:47:03.0421 3160 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/02 21:47:03.0562 3160 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/02 21:47:03.0656 3160 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/02 21:47:03.0843 3160 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/02 21:47:03.0859 3160 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/02 21:47:03.0875 3160 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/02 21:47:03.0890 3160 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/02 21:47:03.0906 3160 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/03/02 21:47:03.0921 3160 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/02 21:47:03.0953 3160 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/02 21:47:04.0000 3160 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/02 21:47:04.0046 3160 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/02 21:47:04.0046 3160 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/02 21:47:04.0062 3160 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/02 21:47:04.0078 3160 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/02 21:47:04.0109 3160 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
2011/03/02 21:47:04.0140 3160 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/02 21:47:04.0187 3160 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/02 21:47:04.0218 3160 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/02 21:47:04.0234 3160 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/02 21:47:04.0250 3160 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/02 21:47:04.0265 3160 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/02 21:47:04.0281 3160 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/02 21:47:04.0281 3160 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/02 21:47:04.0296 3160 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/02 21:47:04.0312 3160 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/02 21:47:04.0343 3160 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/02 21:47:04.0343 3160 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/02 21:47:04.0359 3160 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/02 21:47:04.0390 3160 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/02 21:47:04.0390 3160 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/02 21:47:04.0437 3160 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/02 21:47:04.0437 3160 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/02 21:47:04.0468 3160 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/02 21:47:04.0500 3160 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/03/02 21:47:04.0515 3160 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/02 21:47:04.0562 3160 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/02 21:47:04.0625 3160 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/02 21:47:04.0828 3160 nv (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/02 21:47:04.0953 3160 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/02 21:47:04.0968 3160 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/02 21:47:04.0984 3160 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/03/02 21:47:05.0000 3160 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
2011/03/02 21:47:05.0015 3160 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/02 21:47:05.0062 3160 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/02 21:47:05.0109 3160 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/02 21:47:05.0156 3160 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/02 21:47:05.0187 3160 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/03/02 21:47:05.0375 3160 PinnacleRoyalTS (48b06eca2c2f036eb3912d816ee5941b) C:\WINDOWS\system32\DRIVERS\RoyalTS.sys
2011/03/02 21:47:05.0421 3160 PnkBstrK (f4ba8e3e515a3dd9dd29a031d6f94e02) C:\WINDOWS\system32\drivers\PnkBstrK.sys
2011/03/02 21:47:05.0437 3160 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/02 21:47:05.0453 3160 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/02 21:47:05.0468 3160 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/02 21:47:05.0515 3160 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/02 21:47:05.0609 3160 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/02 21:47:05.0671 3160 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/02 21:47:05.0687 3160 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/02 21:47:05.0687 3160 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/02 21:47:05.0734 3160 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/02 21:47:05.0750 3160 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/02 21:47:05.0796 3160 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/02 21:47:05.0812 3160 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/02 21:47:05.0859 3160 RTLE8023xp (a492cee016b50fba6a127589a525bf96) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/03/02 21:47:05.0906 3160 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
2011/03/02 21:47:05.0921 3160 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/02 21:47:05.0937 3160 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/03/02 21:47:05.0953 3160 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/03/02 21:47:06.0000 3160 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/02 21:47:06.0046 3160 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/02 21:47:06.0093 3160 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/02 21:47:06.0125 3160 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/02 21:47:06.0156 3160 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/02 21:47:06.0203 3160 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/02 21:47:06.0218 3160 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/02 21:47:06.0234 3160 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/02 21:47:06.0296 3160 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/02 21:47:06.0375 3160 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/02 21:47:06.0406 3160 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/02 21:47:06.0437 3160 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/02 21:47:06.0453 3160 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/02 21:47:06.0484 3160 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/02 21:47:06.0515 3160 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/02 21:47:06.0562 3160 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/03/02 21:47:06.0578 3160 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/02 21:47:06.0593 3160 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/02 21:47:06.0609 3160 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/02 21:47:06.0656 3160 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/02 21:47:06.0671 3160 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/02 21:47:06.0718 3160 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/02 21:47:06.0734 3160 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/03/02 21:47:06.0796 3160 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/03/02 21:47:06.0859 3160 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/02 21:47:06.0875 3160 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/02 21:47:06.0921 3160 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/02 21:47:06.0968 3160 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/02 21:47:07.0000 3160 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/02 21:47:07.0015 3160 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/02 21:47:07.0281 3160 ================================================================================
2011/03/02 21:47:07.0281 3160 Scan finished
2011/03/02 21:47:07.0281 3160 ================================================================================
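The log above is a clean result, which is exactly the case where a responder wants the driver list turned into records that can be checked against a known-good baseline rather than eyeballed line by line. The Python below is an added example, not part of the thread and not TDSSKiller's own code: it parses the `timestamp thread-id name (md5) path` driver lines, collects header fields such as the Windows directory, and flags drivers that live outside that directory, are unknown to the baseline, or whose MD5 differs from it. The sample log reuses a few lines from the thread; the `sampledrv` and `exampledrv` lines and the whole baseline dictionary are constructed, and the baseline hash for `sampledrv` is deliberately wrong so that the mismatch path is exercised.

```python
"""TDSSKiller log parser and baseline triage (added example, partly constructed data)."""
import re
from dataclasses import dataclass

# One log line: "YYYY/MM/DD HH:MM:SS.ffff <thread id> <rest>"
LINE_RE = re.compile(r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+(?P<rest>.*)$")
# Driver record inside <rest>: "<service name> (<md5>) <image path>"
DRIVER_RE = re.compile(r"^(?P<name>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")


@dataclass
class DriverRecord:
    name: str   # service name as registered in the service database
    md5: str    # MD5 of the driver image, lower-cased
    path: str   # image path reported by TDSSKiller


def parse_log(text: str):
    """Return (header fields, driver records, other lines) from a TDSSKiller log."""
    header, drivers, other = {}, [], []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue                        # blank or non-log line
        rest = m["rest"].strip()
        if not rest or rest.startswith("="):
            continue                        # separator rows
        d = DRIVER_RE.match(rest)
        if d:
            drivers.append(DriverRecord(d["name"], d["md5"].lower(), d["path"]))
        elif ": " in rest:                  # "Windows directory: C:\WINDOWS" and similar
            key, _, value = rest.partition(": ")
            header[key] = value.strip()
        else:
            other.append(rest)              # tool banner, "Scan started", "Scan finished"
    return header, drivers, other


def triage(drivers, windows_dir: str, baseline: dict):
    """Flag drivers outside the Windows directory or not matching a known-good {name: md5} baseline."""
    findings = []
    root = windows_dir.rstrip("\\").lower() + "\\"
    for d in drivers:
        if not d.path.lower().startswith(root):
            findings.append((d.name, "outside windows directory", d.path))
        expected = baseline.get(d.name)
        if expected is None:
            findings.append((d.name, "not in baseline", d.md5))
        elif expected.lower() != d.md5:
            findings.append((d.name, "hash mismatch", d.md5))
    return findings


# Sample log: the first lines are copied from the thread; the sampledrv/exampledrv lines are constructed.
SAMPLE_LOG = r"""
2011/03/02 21:46:54.0093 3796 TDSS rootkit removing tool 2.4.20.0 Mar 2 2011 10:44:30
2011/03/02 21:46:54.0484 3796 ================================================================================
2011/03/02 21:46:54.0484 3796 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/02 21:46:54.0484 3796 Windows directory: C:\WINDOWS
2011/03/02 21:47:01.0062 3160 Scan started
2011/03/02 21:47:01.0578 3160 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/02 21:47:02.0062 3160 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/02 21:47:02.0640 3160 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/02 21:47:03.0000 3160 sampledrv (ffffffffffffffffffffffffffffffff) C:\WINDOWS\system32\DRIVERS\sampledrv.sys
2011/03/02 21:47:03.0001 3160 exampledrv (00000000000000000000000000000000) C:\Documents and Settings\user\exampledrv.sys
2011/03/02 21:47:07.0281 3160 Scan finished
"""

# Constructed baseline: a stand-in for a reference set taken from a known-clean machine.
BASELINE = {
    "ACPI": "4fe34f1f3126b61fcc6b2043aa8112c9",
    "atapi": "9f3a2f5aa6875c72bf062c712cfa2674",
    "Disk": "044452051f3e02e7963599fc8f4f3e25",
    "sampledrv": "0123456789abcdef0123456789abcdef",  # differs from the log on purpose
}

if __name__ == "__main__":
    header, drivers, other = parse_log(SAMPLE_LOG)
    print(f"{len(drivers)} drivers, Windows directory {header.get('Windows directory')}")
    for name, reason, detail in triage(drivers, header["Windows directory"], BASELINE):
        print(f"{name}: {reason} ({detail})")
```

A real baseline would be built from the same tool's output on a known-clean install of the same service pack, since driver hashes differ between builds. "Not in baseline" is a queue for review, not a verdict: third-party drivers such as the ESET, NVIDIA and Pinnacle entries in the log above will always fall into it until they are added.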


Post by bledulka » 02 Mar 2011 22:06

Download Gmer http://www.gmer.net/gmer.zip
- unpack it and run it
- after the first quick scan click the Save button; it saves a log, which you copy here for me.
- in the right column tick all the items in the checkboxes and click the Scan button
- when the scan finishes, save the log again with the Save button and paste it here.


Post by Bjarni » 03 Mar 2011 15:53

So for now I only have the first log here (by the way, I didn't close anything before the scan, windows were open and a data recovery was scanning on the other account - not mine):


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-03-03 15:51:01
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-1b ST3250410AS rev.3.AAA
Running: gmer.exe; Driver: C:\DOCUME~1\ONDEJ~1\LOCALS~1\Temp\kfloypog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)

---- EOF - GMER 1.0.15 ----
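The quick scan above lists only the devices that ESET's filter drivers have attached to; the full scan bledulka asked for also reports SSDT entries and user-mode `.text` hooks, and the helper's job is then to separate hooks owned by identifiable security or media software from hooks owned by nothing GMER can name. The Python below is an added example, not part of the thread and not GMER's own code: it parses the three GMER record shapes (`AttachedDevice`, `SSDT`, `.text`), keeps the `(description/vendor)` string GMER prints when the owning module has version information, and flags hooks whose owner has none. The sample reuses lines of the shapes that appear in this thread's GMER logs; the `example.sys` SSDT line and the `explorer.exe` hook into `example.dll` are constructed.

```python
"""GMER log parser and hook triage (added example, partly constructed data)."""
import re
from collections import defaultdict

# Record shapes GMER prints:
#   SSDT <module> (<description>/<vendor>) <ZwFunction> [<address>]
#   AttachedDevice <device> <target> <module> (<description>/<vendor>)
#   .text <process>[<pid>] <dll>!<func>[ + <off>] <addr> <n> Bytes <patch>
SSDT_RE = re.compile(r"^SSDT\s+(?P<module>\S+)(?P<info>\s+\([^()]*\))?\s+(?P<func>\w+)\s+\[(?P<addr>0x[0-9A-Fa-f]+)\]$")
ATTACHED_RE = re.compile(r"^AttachedDevice\s+(?P<device>\S+)\s+(?P<target>\S+)\s+(?P<module>\S+)(?P<info>\s+\([^()]*\))?$")
TEXT_RE = re.compile(r"^\.text\s+(?P<process>.+?)\[(?P<pid>\d+)\]\s+(?P<dll>\S+)!(?P<func>\w+)"
                     r"(?:\s+\+\s+(?P<offset>[0-9A-Fa-f]+))?\s+(?P<addr>[0-9A-Fa-f]{8})\s+(?P<nbytes>\d+)\s+Bytes?\s+(?P<patch>.*)$")
# A patch that redirects rather than overwrites bytes in place: "JMP <addr> <module> (<info>)" or "CALL <addr>"
JMP_RE = re.compile(r"^(?P<kind>JMP|CALL)\s+(?P<target>[0-9A-Fa-f]+)(?:\s+(?P<module>.+?))?(?P<info>\s+\([^()]*\))?$")


def split_info(info):
    """'(description/vendor)' as GMER prints it -> (description, vendor); (None, None) when absent."""
    if not info:
        return None, None
    inner = info.strip()[1:-1]
    desc, sep, vendor = inner.rpartition("/")
    return (desc, vendor) if sep else (inner, None)


def parse_gmer(text: str):
    """Turn GMER log lines into dict records keyed by 'kind'."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("----"):
            continue                                  # blank lines and section banners
        if (m := SSDT_RE.match(line)):
            records.append({"kind": "ssdt", "module": m["module"], "vendor": split_info(m["info"])[1],
                            "function": m["func"], "address": m["addr"]})
        elif (m := ATTACHED_RE.match(line)):
            records.append({"kind": "attached", "module": m["module"], "vendor": split_info(m["info"])[1],
                            "device": m["device"], "target": m["target"]})
        elif (m := TEXT_RE.match(line)):
            rec = {"kind": "usermode", "process": m["process"], "pid": int(m["pid"]), "dll": m["dll"],
                   "function": m["func"], "nbytes": int(m["nbytes"]), "target_module": None, "vendor": None}
            if (j := JMP_RE.match(m["patch"])):      # redirected into another module
                rec["target_module"] = j["module"]
                rec["vendor"] = split_info(j["info"])[1]
            records.append(rec)
        else:
            records.append({"kind": "other", "text": line})
    return records


def triage(records):
    """Flag hooks whose owning module carries no version info (GMER names the owner when it can)."""
    findings = []
    kernel = defaultdict(list)
    for r in records:
        if r["kind"] in ("ssdt", "attached"):
            kernel[(r["module"], r["vendor"])].append(r)
    for (module, vendor), hooks in kernel.items():
        if vendor is None:
            findings.append(("kernel hook without version info", module, len(hooks)))
    for r in records:
        if r["kind"] == "usermode" and r["target_module"] and r["vendor"] is None:
            findings.append(("user-mode hook into module without version info",
                             f"{r['process']}[{r['pid']}] {r['dll']}!{r['function']}", r["target_module"]))
    return findings


# Sample: ESET, Chrome and FLVService lines follow the thread's logs; example.sys/example.dll lines are constructed.
SAMPLE_GMER = r"""
---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xB38544B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xB38544D0]
SSDT \??\C:\WINDOWS\system32\drivers\example.sys ZwQueryDirectoryFile [0xF7A01234]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[504] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\WINDOWS\explorer.exe[1234] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00A01000 C:\Documents and Settings\user\example.dll
"""

if __name__ == "__main__":
    for reason, where, detail in triage(parse_gmer(SAMPLE_GMER)):
        print(f"{reason}: {where} -> {detail}")
```

Missing version info is a weak signal on its own (some legitimate drivers ship without it), so the output is a review queue rather than a verdict; the point is that every ESET and Applian hook drops out immediately, leaving the analyst with the one or two owners that need a closer look. The Chrome `ntdll.dll` entries, which patch a few bytes in place without jumping anywhere, are Chrome's own sandbox interception and are deliberately left unflagged.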


Post by bledulka » 03 Mar 2011 18:12

I'll wait for the second log.


Post by Bjarni » 03 Mar 2011 21:05

Good things come to those who wait :-)
Here it is:


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-03 21:03:13
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-1b ST3250410AS rev.3.AAA
Running: gmer.exe; Driver: C:\DOCUME~1\ONDEJ~1\LOCALS~1\Temp\kfloypog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xB3854610]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xB3854C10]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xB3854730]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xB38544B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenThread [0xB3854570]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xB38546D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xB3854790]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xB3854690]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xB3854650]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xB38547D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xB3854510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xB3854590]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xB38544D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xB38545D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xB3854750]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6F2E3A0, 0x5CC259, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[504] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[504] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\WINDOWS\system32\SearchIndexer.exe[756] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1376] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1376] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1800] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3004] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3004] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3504] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3504] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3692] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3692] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3732] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3732] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3992] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 10001D10 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)
.text C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3992] kernel32.dll!GetTempFileNameW 7C8359E7 5 Bytes JMP 10002040 C:\Documents and Settings\Petr\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll (FLV Service Library for Freecorder 4/Applian Technologies, Inc.)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[208] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[240] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[856] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1292] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010
IAT C:\Documents and Settings\Ondřej\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2128] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002C0010

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)
---- Processes - GMER 1.0.15 ----

Library C:\Program (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [3352] 0x5E470000

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x46 0x47 0x15 0xB0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL

Bjarni

Re: Please check my log

Post by Bjarni » 03 Mar 2011 21:05

Continued below - it all wouldn't fit into one post... :D That's quite a lot, isn't it? :-)
Last edited by Bjarni on 03 Mar 2011 21:09, edited 2 times in total.

Bjarni
nováček
Příspěvky: 36
Registrován: listopad 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Bjarni » 03 bře 2011 21:06

Continued:

Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Ondřej\Dokumenty\Downloads\start (8).gp1 0 bytes

---- EOF - GMER 1.0.15 ----

Post by bledulka » 03 Mar 2011 22:08

Hm, the MBR looks fine; we'll still check whether anything has attached itself to explorer.
Otherwise, how is the computer doing now?


Download OTL
http://oldtimer.geekstogo.com/OTL.exe
- paste this script into the bottom box:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c

- tick the box next to the All Users row
- leave the other items as set in the screenshot
- click the Run Scan button.
- the scan will run; paste the OTL.Txt log here
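The /md5start .. /md5stop block in the script above makes OTL print the MD5 of a fixed set of system binaries, so that a patched winlogon.exe, explorer.exe, atapi.sys or similar stands out when the digests are compared with known-good values. The Python script below is an added example of the same idea, not OTL's code and not part of the post: it extracts that file list from an OTL script, hashes every copy found below a root directory, and reports whether each matches a known-good baseline. The script text, the baseline digests and the temporary directory tree standing in for %systemroot% are all constructed for the example.

```python
"""Check the files named in an OTL /md5start .. /md5stop block against a
known-good MD5 baseline.

Added illustration, not OTL's own code. The script text, the baseline and
the temporary tree that stands in for %systemroot% are all constructed.
"""
import hashlib
import os
import tempfile
from typing import Dict, List

# Constructed sample input: a trimmed copy of the script from the post above.
OTL_SCRIPT = r"""netsvcs
drivers32
/md5start
eventlog.dll
ntelogon.dll
atapi.sys
winlogon.exe
explorer.exe
hal.dll
/md5stop
%systemroot%\system32\*.dll /lockedfiles
"""


def md5_targets(script: str) -> List[str]:
    """Return the file names listed between /md5start and /md5stop."""
    names, inside = [], False
    for raw in script.splitlines():
        line = raw.strip()
        if line.lower() == "/md5start":
            inside = True
        elif line.lower() == "/md5stop":
            inside = False
        elif inside and line:
            names.append(line)
    return names


def file_md5(path: str) -> str:
    """MD5 of a file, read in chunks. MD5 only because it is the digest OTL
    prints; a baseline you build yourself should also record SHA-256."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_copies(name: str, roots: List[str]) -> List[str]:
    """All files with this name below the roots, matched case-insensitively like NTFS."""
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            hits.extend(os.path.join(dirpath, fn) for fn in files if fn.lower() == name.lower())
    return sorted(hits)


def audit(script: str, roots: List[str], baseline: Dict[str, str]) -> Dict[str, str]:
    """Verdict per listed file: ok, MODIFIED, UNKNOWN (no baseline digest),
    DUPLICATE (more than one copy, e.g. a second winlogon.exe outside its
    normal location) or MISSING (no file of that name under the roots)."""
    verdicts: Dict[str, str] = {}
    for name in md5_targets(script):
        copies = find_copies(name, roots)
        if not copies:
            verdicts[name] = "MISSING"
        elif len(copies) > 1:
            verdicts[name] = "DUPLICATE"
        else:
            expected = baseline.get(name.lower())
            if expected is None:
                verdicts[name] = "UNKNOWN"
            elif file_md5(copies[0]).lower() == expected.lower():
                verdicts[name] = "ok"
            else:
                verdicts[name] = "MODIFIED"
    return verdicts


def demo() -> Dict[str, str]:
    """Run the audit on a constructed stand-in for %systemroot%."""
    with tempfile.TemporaryDirectory() as root:
        sys32 = os.path.join(root, "system32")
        os.makedirs(os.path.join(sys32, "drivers"))
        os.makedirs(os.path.join(root, "Temp"))
        files = {  # constructed contents; one patched binary and one stray copy
            os.path.join(sys32, "eventlog.dll"): b"eventlog-good",
            os.path.join(sys32, "drivers", "atapi.sys"): b"atapi-good",
            os.path.join(sys32, "winlogon.exe"): b"winlogon-good",
            os.path.join(root, "Temp", "winlogon.exe"): b"winlogon-second-copy",
            os.path.join(root, "explorer.exe"): b"explorer-patched",
            os.path.join(sys32, "hal.dll"): b"hal-no-baseline",
        }
        for path, content in files.items():
            with open(path, "wb") as fh:
                fh.write(content)
        # Constructed baseline: digests of the contents considered clean.
        baseline = {
            "eventlog.dll": hashlib.md5(b"eventlog-good").hexdigest(),
            "atapi.sys": hashlib.md5(b"atapi-good").hexdigest(),
            "winlogon.exe": hashlib.md5(b"winlogon-good").hexdigest(),
            "explorer.exe": hashlib.md5(b"explorer-good").hexdigest(),
        }
        return audit(OTL_SCRIPT, [root], baseline)


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14} {verdict}")
```

Running it prints one verdict per name: explorer.exe comes back MODIFIED because its content differs from the baseline, winlogon.exe DUPLICATE because a second copy sits under Temp, hal.dll UNKNOWN because no baseline digest exists for it, and a name with no file under the root (ntelogon.dll in the sample) MISSING. On a real system the roots would be the Windows directory and the baseline would come from a trusted install or the vendor's file hashes, never from the machine under investigation.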

Post by Bjarni » 04 Mar 2011 07:48

Not much has changed on the computer, apart from it probably being cleaner, but otherwise nothing has changed from an operational point of view..... OTL is still running and it looks like it will be for a good while yet, but I'm a bit puzzled that the file age is set to 30 days...

