
PC disinfection, computer speed-up, remote assistance through the neslape.cz service
vermin
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: vermin
The last 3 images in the link.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: vermin
Status: Disinfected (events: 4)
28. 2. 2012 21:49:25 Disinfected Trojan program HEUR:Trojan.AndroidOS.Plangton.a C:\Documents and Settings\mates\Dokumenty\samsung\Kies\Download\Applications\_@_!_+__1.01_G00002634538/classes.dex High
28. 2. 2012 21:50:30 Disinfected Trojan program HEUR:Trojan.AndroidOS.Plangton.a C:\Documents and Settings\mates\Dokumenty\samsung\Kies\Download\Applications\_@_!_+__1.6_G00003667491/classes.dex High
28. 2. 2012 21:49:25 Disinfected Trojan program HEUR:Trojan.AndroidOS.Plangton.a C:\Documents and Settings\mates\Dokumenty\samsung\Kies\Download\Applications\_@_!_+__1.01_G00002634538 High
28. 2. 2012 21:50:30 Disinfected Trojan program HEUR:Trojan.AndroidOS.Plangton.a C:\Documents and Settings\mates\Dokumenty\samsung\Kies\Download\Applications\_@_!_+__1.6_G00003667491 High
Status: Deleted (events: 2)
28. 2. 2012 22:57:03 Deleted Trojan program Trojan.Win32.Agent2.clwo C:\PacSteamT\GCFLinkGrabber.exe High
29. 2. 2012 0:20:09 Deleted Trojan program Trojan.Win32.Agent2.clwo C:\System Volume Information\_restore{BD55381C-9990-4A3D-9DF0-BE572ED09079}\RP454\A0145348.exe High
Status: Absent (events: 2)
28. 2. 2012 22:59:13 Not found Trojan program Trojan-Downloader.Win32.Banload.bmei C:\PacSteamT\ForumINFO\PacForum.exe High
29. 2. 2012 0:20:09 Not found Trojan program Trojan-Downloader.Win32.Banload.bmei C:\System Volume Information\_restore{BD55381C-9990-4A3D-9DF0-BE572ED09079}\RP454\A0145349.exe High
- Rudy
- Site Admin
Re: vermin
AVP deleted something. Has anything changed?
- Rudy
- Site Admin
Re: vermin
Firefox, IE, or do both do it?
- Rudy
- Site Admin
Re: vermin
Try reinstalling FF using MozBackUp: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ .
- Rudy
- Site Admin
Re: vermin
Try disabling all FF add-ons. Then enable them one at a time until you reach the one that is causing it.
- Rudy
- Site Admin
Re: vermin
Run a GMER scan: http://forum.viry.cz/viewtopic.php?f=29&t=62878 and post both logs.
Re: vermin
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-03-02 20:28:48
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-1b Maxtor_6L160M0 rev.BANC1G10
Running: gmer.exe; Driver: C:\DOCUME~1\mates\LOCALS~1\Temp\pxrcifow.sys
---- System - GMER 1.0.15 ----
SSDT sptd.sys ZwEnumerateKey [0xB7F03018]
SSDT sptd.sys ZwEnumerateValueKey [0xB7F033A6]
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort4 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort4 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort5 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort5 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target1Lun0 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target1Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target0Lun0 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Ntfs \Ntfs 8A6BA1E8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
---- EOF - GMER 1.0.15 ----
- Rudy
- Site Admin
Re: vermin
This log is clean. That leaves a system restore to a date when it was working correctly. If that is not possible, try a repair with XPManager: http://forum.viry.cz/viewtopic.php?f=46&t=17549 .
Re: vermin
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-02 22:23:04
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-1b Maxtor_6L160M0 rev.BANC1G10
Running: gmer.exe; Driver: C:\DOCUME~1\mates\LOCALS~1\Temp\pxrcifow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xB44A54B0]
SSDT sptd.sys ZwCreateKey [0xB7ECEFA0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwCreateThread [0xB44A57F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xB44A5AB0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xB44A55D0]
SSDT sptd.sys ZwEnumerateKey [0xB7F03018]
SSDT sptd.sys ZwEnumerateValueKey [0xB7F033A6]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwLoadDriver [0xB44A58B0]
SSDT sptd.sys ZwOpenKey [0xB7ECEF80]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xB44A5350]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenThread [0xB44A5410]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xB44A5570]
SSDT sptd.sys ZwQueryKey [0xB7F0347E]
SSDT sptd.sys ZwQueryValueKey [0xB7F032FE]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xB44A5630]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xB44A5530]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xB44A54F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xB44A5670]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSystemInformation [0xB44A5870]
SSDT sptd.sys ZwSetValueKey [0xB7F03510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xB44A53B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xB44A5430]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSystemDebugControl [0xB44A5830]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xB44A5370]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xB44A5470]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xB44A55F0]
INT 0x63 ? 8A6EECB8
INT 0x63 ? 8A6EECB8
INT 0x63 ? 8A4B9CB8
INT 0x63 ? 8A4B9CB8
INT 0x63 ? 8A6EECB8
INT 0x74 ? 8A4B9CB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A4B9CB8
INT 0x94 ? 8A6EECB8
INT 0xB4 ? 8A4B9CB8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD8 80504874 12 Bytes [B0, 53, 4A, B4, 30, 54, 4A, ...]
.text sptd.sys B7E92000 28 Bytes [30, 78, 6E, 80, A6, CB, 6E, ...]
.text sptd.sys B7E9201D 3 Bytes [79, 6E, 80]
.text sptd.sys B7E92024 120 Bytes [D8, 52, 53, 80, 68, B9, 54, ...]
.text sptd.sys B7E9209D 124 Bytes [97, 53, 80, A0, 98, 53, 80, ...]
.text sptd.sys B7E9211A 178 Bytes [4F, 80, 82, F8, 4E, 80, 3E, ...]
.text ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xB7F3C9E3]
? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB698A3A0, 0x59FFE5, 0xE8000020]
.text USBPORT.SYS!DllUnload B692C8AC 5 Bytes JMP 8A4B91C8
.reloc C:\WINDOWS\system32\drivers\acedrv11.sys section is executable [0xB3246600, 0x25B0C, 0xE0000060]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\Explorer.EXE[352] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 030B1080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[352] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 030B1120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[352] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 030B1030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[1740] ntdll.dll!DbgUiRemoteBreakin 7C9520EC 1 Byte [C3]
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[2156] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\WINDOWS\system32\NOTEPAD.EXE[2332] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 00B91080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\system32\NOTEPAD.EXE[2332] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 00B91120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\system32\NOTEPAD.EXE[2332] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 00B91030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2964] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 04881080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2964] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 04881120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2964] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 04881030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\DOCUME~1\mates\LOCALS~1\Temp\Rar$EX00.188\gmer.exe[3384] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 00E41080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\DOCUME~1\mates\LOCALS~1\Temp\Rar$EX00.188\gmer.exe[3384] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 00E41120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\DOCUME~1\mates\LOCALS~1\Temp\Rar$EX00.188\gmer.exe[3384] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 00E41030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3832] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 06891080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3832] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 06891120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3832] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 06891030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [B7E9420E] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [B7E9370C] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [B7E93EEE] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7E9370C] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7E938F0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7E93832] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7E940CC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7E93EEE] sptd.sys
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8A6BA1E8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\NetBT \Device\NetBT_Tcpip_{95D35B9B-8C14-499A-AE54-2FED6877C564} 8A2FC430
Device \Driver\usbuhci \Device\USBPDO-0 8A3901E8
Device \Driver\usbuhci \Device\USBPDO-1 8A3901E8
Device \Driver\usbuhci \Device\USBPDO-2 8A3901E8
Device \Driver\usbehci \Device\USBPDO-3 8A37C1E8
Device \Driver\usbuhci \Device\USBPDO-4 8A3901E8
Device \Driver\PCI_PNP9142 \Device\00000055 sptd.sys
Device \Driver\PCI_PNP9142 \Device\00000055 sptd.sys
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBPDO-5 8A3901E8
Device \Driver\usbuhci \Device\USBPDO-6 8A3901E8
Device \Driver\usbehci \Device\USBPDO-7 8A37C1E8
Device \Driver\Cdrom \Device\CdRom0 8A4A51E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort4 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort4 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort5 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort5 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\Cdrom \Device\CdRom1 8A4A51E8
Device \Driver\Cdrom \Device\CdRom2 8A4A51E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A2FC430
Device \Driver\NetBT \Device\NetBT_Tcpip_{921F6AD4-338D-4D6F-A13A-B373F83F0EC6} 8A2FC430
Device \Driver\NetBT \Device\NetbiosSmb 8A2FC430
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBFDO-0 8A3901E8
Device \Driver\usbuhci \Device\USBFDO-1 8A3901E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A308430
Device \Driver\usbuhci \Device\USBFDO-2 8A3901E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A308430
Device \Driver\usbehci \Device\USBFDO-3 8A37C1E8
Device \Driver\usbuhci \Device\USBFDO-4 8A3901E8
Device \Driver\usbuhci \Device\USBFDO-5 8A3901E8
Device \Driver\usbuhci \Device\USBFDO-6 8A3901E8
Device \Driver\usbehci \Device\USBFDO-7 8A37C1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target1Lun0 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target1Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target0Lun0 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Cdfs \Cdfs 8A306430
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x95 0x2C 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0xC4 0x48 0xB3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE8 0x18 0xD8 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xA7 0xCC 0x91 0xA6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x2F 0x6C 0xBE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xC9 0x17 0x2A 0xDF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x95 0x2C 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 2
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0xC4 0x48 0xB3 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE8 0x18 0xD8 0x2D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xA7 0xCC 0x91 0xA6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x2F 0x6C 0xBE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xC9 0x17 0x2A 0xDF ...
---- EOF - GMER 1.0.15 ----
Rootkit scan 2012-03-02 22:23:04
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-1b Maxtor_6L160M0 rev.BANC1G10
Running: gmer.exe; Driver: C:\DOCUME~1\mates\LOCALS~1\Temp\pxrcifow.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xB44A54B0]
SSDT sptd.sys ZwCreateKey [0xB7ECEFA0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwCreateThread [0xB44A57F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xB44A5AB0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xB44A55D0]
SSDT sptd.sys ZwEnumerateKey [0xB7F03018]
SSDT sptd.sys ZwEnumerateValueKey [0xB7F033A6]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwLoadDriver [0xB44A58B0]
SSDT sptd.sys ZwOpenKey [0xB7ECEF80]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xB44A5350]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenThread [0xB44A5410]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xB44A5570]
SSDT sptd.sys ZwQueryKey [0xB7F0347E]
SSDT sptd.sys ZwQueryValueKey [0xB7F032FE]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xB44A5630]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xB44A5530]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xB44A54F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xB44A5670]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSystemInformation [0xB44A5870]
SSDT sptd.sys ZwSetValueKey [0xB7F03510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xB44A53B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xB44A5430]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSystemDebugControl [0xB44A5830]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xB44A5370]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xB44A5470]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xB44A55F0]
INT 0x63 ? 8A6EECB8
INT 0x63 ? 8A6EECB8
INT 0x63 ? 8A4B9CB8
INT 0x63 ? 8A4B9CB8
INT 0x63 ? 8A6EECB8
INT 0x74 ? 8A4B9CB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A6EECB8
INT 0x94 ? 8A4B9CB8
INT 0x94 ? 8A6EECB8
INT 0xB4 ? 8A4B9CB8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD8 80504874 12 Bytes [B0, 53, 4A, B4, 30, 54, 4A, ...]
.text sptd.sys B7E92000 28 Bytes [30, 78, 6E, 80, A6, CB, 6E, ...]
.text sptd.sys B7E9201D 3 Bytes [79, 6E, 80]
.text sptd.sys B7E92024 120 Bytes [D8, 52, 53, 80, 68, B9, 54, ...]
.text sptd.sys B7E9209D 124 Bytes [97, 53, 80, A0, 98, 53, 80, ...]
.text sptd.sys B7E9211A 178 Bytes [4F, 80, 82, F8, 4E, 80, 3E, ...]
.text ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xB7F3C9E3]
? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB698A3A0, 0x59FFE5, 0xE8000020]
.text USBPORT.SYS!DllUnload B692C8AC 5 Bytes JMP 8A4B91C8
.reloc C:\WINDOWS\system32\drivers\acedrv11.sys section is executable [0xB3246600, 0x25B0C, 0xE0000060]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\Explorer.EXE[352] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 030B1080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[352] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 030B1120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\Explorer.EXE[352] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 030B1030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[1740] ntdll.dll!DbgUiRemoteBreakin 7C9520EC 1 Byte [C3]
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[2156] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\WINDOWS\system32\NOTEPAD.EXE[2332] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 00B91080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\system32\NOTEPAD.EXE[2332] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 00B91120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\WINDOWS\system32\NOTEPAD.EXE[2332] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 00B91030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2964] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 04881080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2964] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 04881120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2964] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 04881030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\DOCUME~1\mates\LOCALS~1\Temp\Rar$EX00.188\gmer.exe[3384] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 00E41080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\DOCUME~1\mates\LOCALS~1\Temp\Rar$EX00.188\gmer.exe[3384] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 00E41120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\DOCUME~1\mates\LOCALS~1\Temp\Rar$EX00.188\gmer.exe[3384] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 00E41030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3832] USER32.dll!GetCursor 7E37A91B 5 Bytes JMP 06891080 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3832] USER32.dll!DrawIconEx 7E37CB84 5 Bytes JMP 06891120 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3832] USER32.dll!GetIconInfo 7E37D427 5 Bytes JMP 06891030 C:\Program Files\CursorXP\CurXP0.dll (CursorXP control panel/ )
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [B7E9420E] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [B7E9370C] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [B7E93EEE] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7E9370C] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7E938F0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7E93832] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7E940CC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7E93EEE] sptd.sys
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[952] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[1480] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[2584] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3852] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
IAT C:\Documents and Settings\mates\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe[3984] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002E0010
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8A6BA1E8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\NetBT \Device\NetBT_Tcpip_{95D35B9B-8C14-499A-AE54-2FED6877C564} 8A2FC430
Device \Driver\usbuhci \Device\USBPDO-0 8A3901E8
Device \Driver\usbuhci \Device\USBPDO-1 8A3901E8
Device \Driver\usbuhci \Device\USBPDO-2 8A3901E8
Device \Driver\usbehci \Device\USBPDO-3 8A37C1E8
Device \Driver\usbuhci \Device\USBPDO-4 8A3901E8
Device \Driver\PCI_PNP9142 \Device\00000055 sptd.sys
Device \Driver\PCI_PNP9142 \Device\00000055 sptd.sys
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBPDO-5 8A3901E8
Device \Driver\usbuhci \Device\USBPDO-6 8A3901E8
Device \Driver\usbehci \Device\USBPDO-7 8A37C1E8
Device \Driver\Cdrom \Device\CdRom0 8A4A51E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort4 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort4 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort5 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort5 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-1b sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 [B7DFEB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\Cdrom \Device\CdRom1 8A4A51E8
Device \Driver\Cdrom \Device\CdRom2 8A4A51E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A2FC430
Device \Driver\NetBT \Device\NetBT_Tcpip_{921F6AD4-338D-4D6F-A13A-B373F83F0EC6} 8A2FC430
Device \Driver\NetBT \Device\NetbiosSmb 8A2FC430
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBFDO-0 8A3901E8
Device \Driver\usbuhci \Device\USBFDO-1 8A3901E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A308430
Device \Driver\usbuhci \Device\USBFDO-2 8A3901E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A308430
Device \Driver\usbehci \Device\USBFDO-3 8A37C1E8
Device \Driver\usbuhci \Device\USBFDO-4 8A3901E8
Device \Driver\usbuhci \Device\USBFDO-5 8A3901E8
Device \Driver\usbuhci \Device\USBFDO-6 8A3901E8
Device \Driver\usbehci \Device\USBFDO-7 8A37C1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target1Lun0 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target1Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target0Lun0 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1Port6Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1 8A1AE1E8
Device \Driver\alu3dmuo \Device\Scsi\alu3dmuo1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Cdfs \Cdfs 8A306430
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x95 0x2C 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0xC4 0x48 0xB3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE8 0x18 0xD8 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xA7 0xCC 0x91 0xA6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x2F 0x6C 0xBE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xC9 0x17 0x2A 0xDF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x57 0x95 0x2C 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 2
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0xC4 0x48 0xB3 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE8 0x18 0xD8 0x2D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xA7 0xCC 0x91 0xA6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x0F 0x2F 0x6C 0xBE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xC9 0x17 0x2A 0xDF ...
---- EOF - GMER 1.0.15 ----