VIRY.CZ

A když nejde centrum zabezpečení, antivir funguje? A firewall?

Ano, oba fungují, ale při skenu combofix jsem je oba vypnul.

Dobře, momentálně to vypadá jak?
Napadá mě jedině zkusit opravu přes win vista manager.

To prosím Vás myslíte přesně udělat co?
Pokud myslíte Services.msc a centrum zabezpečení a vlastnosti, tak to jsem zkoušel (i teď) a nejde to pořád.

Zkusím ještě kouknout po rootkitech.

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

OK

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2011-08-13 08:15:09
Windows 6.0.6002 Service Pack 2


---- Devices - GMER 1.0.14 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.14 ----

Ještě druhý sken a log.

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2011-08-13 09:01:55
Windows 6.0.6002 Service Pack 2


---- User code sections - GMER 1.0.14 ----

.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA50A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA5121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA525F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 06, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtCreateFile + 6 77DA422A 4 Bytes [ 28, 00, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtCreateFile + B 77DA422F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtMapViewOfSection + 6 77DA497A 1 Byte [ 28 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtMapViewOfSection + 8 77DA497C 2 Bytes [ 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtMapViewOfSection + B 77DA497F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenFile + 6 77DA4A0A 4 Bytes [ 68, 00, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenFile + B 77DA4A0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenProcess + 6 77DA4A8A 4 Bytes [ A8, 01, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenProcess + B 77DA4A8F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenProcessToken + 6 77DA4A9A 4 Bytes CALL 76DA60A0 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenProcessToken + B 77DA4A9F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenProcessTokenEx + 6 77DA4AAA 4 Bytes [ A8, 02, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenProcessTokenEx + B 77DA4AAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenThread + 6 77DA4AFA 4 Bytes [ 68, 01, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenThread + B 77DA4AFF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenThreadToken + 6 77DA4B0A 4 Bytes [ 68, 02, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenThreadToken + B 77DA4B0F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenThreadTokenEx + 6 77DA4B1A 4 Bytes CALL 76DA6121 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtOpenThreadTokenEx + B 77DA4B1F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtQueryAttributesFile + 6 77DA4BAA 4 Bytes [ A8, 00, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtQueryAttributesFile + B 77DA4BAF 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtQueryFullAttributesFile + 6 77DA4C5A 4 Bytes CALL 76DA625F C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtQueryFullAttributesFile + B 77DA4C5F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtSetInformationFile + 6 77DA513A 4 Bytes [ 28, 01, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtSetInformationFile + B 77DA513F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtSetInformationThread + 6 77DA518A 4 Bytes [ 28, 02, 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtSetInformationThread + B 77DA518F 1 Byte [ E2 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtUnmapViewOfSection + 6 77DA542A 1 Byte [ 68 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtUnmapViewOfSection + 8 77DA542C 2 Bytes [ 16, 00 ]
.text C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] ntdll.dll!NtUnmapViewOfSection + B 77DA542F 1 Byte [ E2 ]

Druhá část:



---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[2944] @ C:\Windows\system32\NETAPI32.dll [PSAPI.DLL!GetModuleBaseNameW] [77E8159E] C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73FB7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7400A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73FBBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73FAF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73FB75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73FAE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73FE8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73FBDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73FAFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73FAFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73FA71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7403CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73FDC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73FAD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73FA6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73FA687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3664] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73FB2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4020] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4256] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4300] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4328] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4348] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[4356] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5024] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[5828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010
IAT C:\Users\Vozka\AppData\Local\Google\Chrome\Application\chrome.exe[6064] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00010010

---- Devices - GMER 1.0.14 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x6B 0x65 0x49 0x6A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xE9 0x02 0x6C 0xFA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x31 0x77 0xE1 0xBA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@SIGN=AFF6A24C \x20ac_PROGRAMY\instalace\7z465.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@SIGN=AFF6A24C \x20ac_PROGRAMY\instalace\Sony Ericsson PC Suite_3.209.00_CS.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@D:\\x20ac_instalačky\CIS_Setup_3.8.65951.477_XP_Vista_x32.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@SIGN=BFB4D22B \x20ac_PROGRAMY\instalace\FoxitReader23_enu_Setup.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@SIGN=B981E21E \x20ac_PROGRAMY\instalace\OCCTPT3.1.0.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\\x20ac_Download\pcalc10.exe 8

---- EOF - GMER 1.0.14 ----

Omlouvám se, budu na PC zas až navečer.
Děkuji.

Gmer je také ok. Uklidíme po combofixu a zkuste opravu přes vista manager, ale bohužel Vám přesně nepovím co. Možná bych zkusila opravu systému bez inst. cd.

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?




:arrow:Ještě zkuste opravu vista managerem http://www.slunecnice.cz/sw/vista-manager/

-Bohužel máme návod jen na windows xp manager,ale bude to skoro stejné http://www.viry.cz/forum/viewtopic.php?f=46&t=17549

Nejde mi odinstalovat ten Combofix. Mám ho na ploše přejmenovaný na Brou.com najde to Combofix/Uninstal, ale. když dám enter, vyskočí chybová hláška, že nemůže najít soubor Brouk.com.exe.
Na C:\mám adresář Brouk.com a je prázdný.

Tak ho jen hoďte do koše, stejně jako tu složku.

Ahoj, nechal jsem vyčistit PC podle návodu a po restartu nebylo zapnuto řízení uživatelských účtů, takže jsem jej dal zapnout a po novém restartu už bylo vše OK. Dokonce vypadá, že je vyřešen ten problém s centrem zabezpečení, je zapnuto a vše zelené. Od pátku, co to řešíme ale mám problém s aktualizacemi, myslím v pátek, nebo ve čtvrtek se mi aktualizovaly Visty, vše proběhlo OK, ale od té doby co zapínám, nebo restartuji PC, tak při ukončování Win a při nabíhání Win probíhá stále konfigurace aktualizací 0%. Zdržuje to náběh i vypnutí. Zkouším teď stáhnout aktualizace ručně.
Mám ještě použít ten Vistamanager?