bidne zabezpeceny net+ haze to hlasku o skriptu - jsem v USA

[flip.]

a ta hlaska mi mimochodem porad vyskakuje...

a je tedy nejaka moznost odcizeni hesel?

diky za pomoc

[flip.]

zase: "http://ad.z5x.net/st?ad_type=ad&ad_size ... ion=834080"

an error has ocurred running scripts on this page, do you want to continue running scripts on this page?

[flip.]

pro zajimavost log z MBAMU, ten nic nenasel

Kód: Vybrat vše

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5512

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16.01.11 16:33:25
mbam-log-2011-01-16 (16-33-25).txt

Scan type: Quick scan
Objects scanned: 139796
Time elapsed: 3 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[motji]

Nemůže být ta IP třeba Vašeho routeru?

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


Smažte cache Opery/Firefoxu bud ručně nebo ATF Cleanerem
http://www.slunecnice.cz/sw/atf-cleaner/

- v menu nahoře vyberte záložku Firefox / Opera a klikněte na ni
- zatrhněte Select All a pak klikněte na Empty Selected

pozor - přijdete o všechna hesla uložená ve FF /Opere!

- Na záložce main zaškrtněte All users temp a potvrdte Empty selected



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-počítač se restartuje

[flip.]

ccleaner pouzivam pravidelne, operu ani firefox nemam, ale cookies i temp jsem mazal prave tim ccleanerem nedavno...

ten OTC jsem zkusil, timto by to uz tedy mely byt vyresene a uzavrene?

[motji]

Záleží na tom, zda to stále vyskakuje. mě se zatím nepodařilo zjistit, co to způsobuje , takže trochu zkouším

[flip.]

stale to vyskakuje :/

[motji]

Tak jdeme hledat dál.

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

[motji]

Pokud jste ještě nezačal, ten gmer nedělejte.
Zkuste tohle
http://googlechromereleases.blogspot.co ... pdate.html

[flip.]

nechapu, poslala jste mi link na stazeni google chromu, kde je update v7 z zari 2010, pritom ja mam nejnovejsi cerstve stazenou verzi 8..

[flip.]

ATF nepomohl a ten GMER tedy delat nemam?

[stell]

zaskok/
kolegyna ti tym naznacila ,aby si nainstaloval starsiu stabilnejsiu verziu chrome, nakolko tato verzia co mas hadze chybove hlasky.a robi problem v systeme.
A sprav aj G-mer.

code: 0xc0000005 Fault offset: 0x02583c40 Faulting process id: 0x1214 Faulting application
start time: 0x01cbb526b7297a9f Faulting application path: C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: 5ad16870-211f-11e0-9400-001ec9021be1

A odinstaluj aj Spybot.

Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

[flip.]

1.


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-19 13:24:41
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 SAMSUNG_HM320JI rev.2SS00_01
Running: gmer.exe; Driver: C:\Users\c\AppData\Local\Temp\pxldqpog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8B1ECBAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8B1EC9D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x8B1ECB0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8517F1F8
Device \Driver\atapi \Device\Ide\IdePort0 8517F1F8
Device \Driver\atapi \Device\Ide\IdePort1 8517F1F8
Device \Driver\atapi \Device\Ide\IdePort2 8517F1F8
Device \Driver\msahci \Device\Ide\PciIde1Channel0 851801F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-2 8517F1F8
Device \Driver\msahci \Device\Ide\PciIde1Channel2 851801F8
Device \Driver\ablqo0js \Device\Scsi\ablqo0js1Port3Path0Target0Lun0 866D51F8
Device \Driver\ablqo0js \Device\Scsi\ablqo0js1 866D51F8
Device \FileSystem\Ntfs \Ntfs 851821F8
Device \FileSystem\fastfat \Fat 9D224500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

[flip.]

2.


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-19 15:32:21
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 SAMSUNG_HM320JI rev.2SS00_01
Running: gmer.exe; Driver: C:\Users\c\AppData\Local\Temp\pxldqpog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8B1ECBAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8B1EC9D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x8B1ECB0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A5D599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82A81F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE ntkrnlpa.exe!ZwLoadDriver 82BBB291 7 Bytes JMP 8B1ECB10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82C22FBF 5 Bytes JMP 8B1E85D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject + 27 82C3CCF3 5 Bytes JMP 8B1EA012 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 82C4AD63 7 Bytes JMP 8B1EC9D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 82CF4EAC 7 Bytes JMP 8B1ECBB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? System32\Drivers\sprh.sys The system cannot find the path specified. !
.text USBPORT.SYS!DllUnload 91341CA0 5 Bytes JMP 851CE4E0
.text ablqo0js.SYS 91B8D000 12 Bytes [44, F8, E2, 82, EE, F6, E2, ...]
.text ablqo0js.SYS 91B8D00D 9 Bytes [D7, E2, 82, 48, FB, E2, 82, ...] {XLATB ; LOOP 0xffffffffffffff85; DEC EAX; STI ; LOOP 0xffffffffffffff89; ADD [EAX], AL}
.text ablqo0js.SYS 91B8D017 170 Bytes [00, DE, F7, F9, 8A, E6, F5, ...]
.text ablqo0js.SYS 91B8D0C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text ablqo0js.SYS 91B8D0CE 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text ...
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 9DA2C000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 9DA2C123 629 Bytes [75, A2, 9D, FE, 05, 34, 75, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 9DA2C399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 538F 9DA2C3FF 136 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5418 9DA2C488 11 Bytes [89, 15, 3C, 75, A2, 9D, E9, ...] {MOV [0x9da2753c], EDX; JMP 0x240bb}
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1444] kernel32.dll!SetUnhandledExceptionFilter 775C3162 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtCreateFile + 6 77894A36 4 Bytes [28, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtCreateFile + B 77894A3B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtMapViewOfSection + 6 77895096 1 Byte [28]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtMapViewOfSection + 6 77895096 4 Bytes [28, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtMapViewOfSection + B 7789509B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenFile + 6 77895146 4 Bytes [68, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenFile + B 7789514B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenProcess + 6 778951F6 4 Bytes [A8, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenProcess + B 778951FB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenProcessToken + 6 77895206 4 Bytes CALL 7689590C C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenProcessToken + B 7789520B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenProcessTokenEx + 6 77895216 4 Bytes [A8, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenProcessTokenEx + B 7789521B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenThread + 6 77895276 4 Bytes [68, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenThread + B 7789527B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenThreadToken + 6 77895286 4 Bytes [68, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenThreadToken + B 7789528B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenThreadTokenEx + 6 77895296 4 Bytes CALL 7689599D C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtOpenThreadTokenEx + B 7789529B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtQueryAttributesFile + 6 778953A6 4 Bytes [A8, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtQueryAttributesFile + B 778953AB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtQueryFullAttributesFile + 6 77895456 4 Bytes CALL 76895B5B C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtQueryFullAttributesFile + B 7789545B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtSetInformationFile + 6 77895AA6 4 Bytes [28, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtSetInformationFile + B 77895AAB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtSetInformationThread + 6 77895B06 4 Bytes [28, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtSetInformationThread + B 77895B0B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 1 Byte [68]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 4 Bytes [68, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2124] ntdll.dll!NtUnmapViewOfSection + B 77895E2B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtCreateFile + 6 77894A36 4 Bytes [28, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtCreateFile + B 77894A3B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtMapViewOfSection + 6 77895096 1 Byte [28]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtMapViewOfSection + 6 77895096 4 Bytes [28, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtMapViewOfSection + B 7789509B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenFile + 6 77895146 4 Bytes [68, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenFile + B 7789514B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenProcess + 6 778951F6 4 Bytes [A8, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenProcess + B 778951FB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenProcessToken + 6 77895206 4 Bytes CALL 7689590C C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenProcessToken + B 7789520B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenProcessTokenEx + 6 77895216 4 Bytes [A8, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenProcessTokenEx + B 7789521B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenThread + 6 77895276 4 Bytes [68, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenThread + B 7789527B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenThreadToken + 6 77895286 4 Bytes [68, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenThreadToken + B 7789528B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenThreadTokenEx + 6 77895296 4 Bytes CALL 7689599D C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtOpenThreadTokenEx + B 7789529B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtQueryAttributesFile + 6 778953A6 4 Bytes [A8, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtQueryAttributesFile + B 778953AB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtQueryFullAttributesFile + 6 77895456 4 Bytes CALL 76895B5B C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtQueryFullAttributesFile + B 7789545B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtSetInformationFile + 6 77895AA6 4 Bytes [28, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtSetInformationFile + B 77895AAB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtSetInformationThread + 6 77895B06 4 Bytes [28, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtSetInformationThread + B 77895B0B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 1 Byte [68]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 4 Bytes [68, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[2900] ntdll.dll!NtUnmapViewOfSection + B 77895E2B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtCreateFile + 6 77894A36 4 Bytes [28, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtCreateFile + B 77894A3B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtMapViewOfSection + 6 77895096 1 Byte [28]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtMapViewOfSection + 6 77895096 4 Bytes [28, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtMapViewOfSection + B 7789509B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenFile + 6 77895146 4 Bytes [68, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenFile + B 7789514B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenProcess + 6 778951F6 4 Bytes [A8, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenProcess + B 778951FB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenProcessToken + 6 77895206 4 Bytes CALL 7689590C C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenProcessToken + B 7789520B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenProcessTokenEx + 6 77895216 4 Bytes [A8, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenProcessTokenEx + B 7789521B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenThread + 6 77895276 4 Bytes [68, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenThread + B 7789527B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenThreadToken + 6 77895286 4 Bytes [68, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenThreadToken + B 7789528B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenThreadTokenEx + 6 77895296 4 Bytes CALL 7689599D C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtOpenThreadTokenEx + B 7789529B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtQueryAttributesFile + 6 778953A6 4 Bytes [A8, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtQueryAttributesFile + B 778953AB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtQueryFullAttributesFile + 6 77895456 4 Bytes CALL 76895B5B C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtQueryFullAttributesFile + B 7789545B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtSetInformationFile + 6 77895AA6 4 Bytes [28, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtSetInformationFile + B 77895AAB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtSetInformationThread + 6 77895B06 4 Bytes [28, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtSetInformationThread + B 77895B0B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 1 Byte [68]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 4 Bytes [68, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[4548] ntdll.dll!NtUnmapViewOfSection + B 77895E2B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtCreateFile + 6 77894A36 4 Bytes [28, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtCreateFile + B 77894A3B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtMapViewOfSection + 6 77895096 1 Byte [28]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtMapViewOfSection + 6 77895096 4 Bytes [28, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtMapViewOfSection + B 7789509B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenFile + 6 77895146 4 Bytes [68, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenFile + B 7789514B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenProcess + 6 778951F6 4 Bytes [A8, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenProcess + B 778951FB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenProcessToken + 6 77895206 4 Bytes CALL 7689590C C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenProcessToken + B 7789520B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenProcessTokenEx + 6 77895216 4 Bytes [A8, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenProcessTokenEx + B 7789521B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenThread + 6 77895276 4 Bytes [68, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenThread + B 7789527B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenThreadToken + 6 77895286 4 Bytes [68, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenThreadToken + B 7789528B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenThreadTokenEx + 6 77895296 4 Bytes CALL 7689599D C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtOpenThreadTokenEx + B 7789529B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtQueryAttributesFile + 6 778953A6 4 Bytes [A8, 00, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtQueryAttributesFile + B 778953AB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtQueryFullAttributesFile + 6 77895456 4 Bytes CALL 76895B5B C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtQueryFullAttributesFile + B 7789545B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtSetInformationFile + 6 77895AA6 4 Bytes [28, 01, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtSetInformationFile + B 77895AAB 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtSetInformationThread + 6 77895B06 4 Bytes [28, 02, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtSetInformationThread + B 77895B0B 1 Byte [E2]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 1 Byte [68]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtUnmapViewOfSection + 6 77895E26 4 Bytes [68, 03, 07, 00]
.text C:\Users\c\AppData\Local\Google\Chrome\Application\chrome.exe[5404] ntdll.dll!NtUnmapViewOfSection + B 77895E2B 1 Byte [E2]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8AEA3042] \SystemRoot\System32\Drivers\sprh.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8AEA36D6] \SystemRoot\System32\Drivers\sprh.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8AEA3800] \SystemRoot\System32\Drivers\sprh.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8AEA313E] \SystemRoot\System32\Drivers\sprh.sys
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortNotification] 00147880
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortInitialize] 157B805E
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
IAT \SystemRoot\System32\Drivers\ablqo0js.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\System32\rundll32.exe[3004] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [758F5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3004] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [758F5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3004] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [758F5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3004] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [758F5E25] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 851821F8
Device \FileSystem\fastfat \FatCdrom 9D224500
Device \Driver\volmgr \Device\VolMgrControl 8517D1F8
Device \Driver\usbuhci \Device\USBPDO-0 851CA500
Device \Driver\NetBT \Device\NetBT_Tcpip_{C3F8693E-5C1F-471A-A9FA-95E3647160C8} 864671F8
Device \Driver\usbuhci \Device\USBPDO-1 851CA500
Device \Driver\usbehci \Device\USBPDO-2 85F43500
Device \Driver\usbuhci \Device\USBPDO-3 851CA500
Device \Driver\ACPI_HAL \Device\00000047 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-4 851CA500
Device \Driver\PCI_PNP4598 \Device\00000055 sprh.sys

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBPDO-5 851CA500
Device \Driver\usbehci \Device\USBPDO-6 85F43500
Device \Driver\volmgr \Device\HarddiskVolume1 8517D1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume2 8517D1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{607F11ED-D6FF-4756-B2D7-19A9A30735D7} 864671F8
Device \Driver\cdrom \Device\CdRom0 863A51F8
Device \Driver\sptd \Device\1278778600 sprh.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8517F1F8
Device \Driver\atapi \Device\Ide\IdePort0 8517F1F8
Device \Driver\atapi \Device\Ide\IdePort1 8517F1F8
Device \Driver\atapi \Device\Ide\IdePort2 8517F1F8
Device \Driver\msahci \Device\Ide\PciIde1Channel0 851801F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-2 8517F1F8
Device \Driver\msahci \Device\Ide\PciIde1Channel2 851801F8
Device \Driver\cdrom \Device\CdRom1 863A51F8
Device \Driver\volmgr \Device\HarddiskVolume3 8517D1F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBt_Wins_Export 864671F8

AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBFDO-0 851CA500
Device \Driver\usbuhci \Device\USBFDO-1 851CA500
Device \Driver\usbehci \Device\USBFDO-2 85F43500
Device \Driver\usbuhci \Device\USBFDO-3 851CA500
Device \Driver\usbuhci \Device\USBFDO-4 851CA500
Device \Driver\usbuhci \Device\USBFDO-5 851CA500
Device \Driver\usbehci \Device\USBFDO-6 85F43500
Device \Driver\ablqo0js \Device\Scsi\ablqo0js1Port3Path0Target0Lun0 866D51F8
Device \Driver\ablqo0js \Device\Scsi\ablqo0js1 866D51F8
Device \FileSystem\fastfat \Fat 9D224500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xAD 0x7D 0x64 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x82 0x76 0x51 0x04 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8F 0xB3 0xA6 0x99 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xAD 0x7D 0x64 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x82 0x76 0x51 0x04 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8F 0xB3 0xA6 0x99 ...

---- Files - GMER 1.0.15 ----

File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B1F.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B20.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B31.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B32.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B42.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B43.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B44.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B45.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B56.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B57.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B58.tmp 150798 bytes
File C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B68.tmp 150798 bytes

---- EOF - GMER 1.0.15 ----

[motji]

Otestujte na www.virustotal.com
C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\9B1F.tmp