VIRY.CZ

Logy z mbr

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: Hitachi_HTS542516K9SA00 rev.BBCOC31P -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x8307652F] -> \Device\Harddisk0\DR0[0x8659B030]
3 CLASSPNP[0x89AF359E] -> ntkrnlpa!IofCallDriver[0x8307652F] -> [0x864CA7E0]
5 ACPI[0x895AE3D4] -> ntkrnlpa!IofCallDriver[0x8307652F] -> \Device\Ide\IdeDeviceP0T0L0-0[0x864AB908]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
user & kernel MBR OK

log s gmer první

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-07-25 21:53:50
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS542516K9SA00 rev.BBCOC31P
Running: gmer.exe; Driver: C:\Users\CHEVYO~1\AppData\Local\Temp\kwtyqkow.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

gmer druhý log

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-07-25 22:41:28
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS542516K9SA00 rev.BBCOC31P
Running: gmer.exe; Driver: C:\Users\CHEVYO~1\AppData\Local\Temp\kwtyqkow.sys

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13C1 8307D339 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B6D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? system32\DRIVERS\71903405.sys Systém nemůže nalézt uvedenou cestu. !
? C:\Users\CHEVYO~1\AppData\Local\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[1124] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3112] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769274A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76927535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769276F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3856] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769274A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76927535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769276F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3864] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3912] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3924] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769274A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76927535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769276F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 17, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4012] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtCreateFile + 6 779255CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtCreateFile + B 779255D3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtMapViewOfSection + 6 77925C2E 1 Byte [28]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtMapViewOfSection + 6 77925C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtMapViewOfSection + B 77925C33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenFile + 6 77925CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenFile + B 77925CE3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenProcess + 6 77925D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenProcess + B 77925D93 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenProcessToken + 6 77925D9E 4 Bytes CALL 769264A4 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenProcessToken + B 77925DA3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenProcessTokenEx + 6 77925DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenProcessTokenEx + B 77925DB3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenThread + 6 77925E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenThread + B 77925E13 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenThreadToken + 6 77925E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenThreadToken + B 77925E23 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenThreadTokenEx + 6 77925E2E 4 Bytes CALL 76926535 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtOpenThreadTokenEx + B 77925E33 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtQueryAttributesFile + 6 77925F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtQueryAttributesFile + B 77925F43 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtQueryFullAttributesFile + 6 77925FEE 4 Bytes CALL 769266F3 C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtQueryFullAttributesFile + B 77925FF3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtSetInformationFile + 6 7792663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtSetInformationFile + B 77926643 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtSetInformationThread + 6 7792669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtSetInformationThread + B 779266A3 1 Byte [E2]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 1 Byte [68]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtUnmapViewOfSection + 6 779269BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe[4056] ntdll.dll!NtUnmapViewOfSection + B 779269C3 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\rundll32.exe[3124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [759BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[3124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [759BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[3124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [759BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[3124] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [759BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[3124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [759BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[3124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [759BFFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000004c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:3504] A3854F2E

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Atheros AR5007EG \x2013 adaptér bezdrátové sítě 1?
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\HidBth (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\HidBth\Devices (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca@ConnectionAuthenticated 0
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca@VirtuallyCabled 0
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Atheros AR5007EG \x2013 adaptér bezdrátové sítě 1?
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\BTHPORT
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth\Devices
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca@ConnectionAuthenticated 0
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca@VirtuallyCabled 0
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Atheros AR5007EG \x2013 adaptér bezdrátové sítě 1?
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\HidBth (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\HidBth\Devices (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca@ConnectionAuthenticated 0
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\HidBth\Devices\001d603cec22001b5953b1ca@VirtuallyCabled 0
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)

---- EOF - GMER 1.0.15 ----

Logy tez ciste

Ano je to zapeklyté ale co yb zničeho nic jen tak prostě zablokovali spouštění defendru nebo i mse..

Spustte znovu ComboFix a uvidime

Log pak sem

log s combofixu

ComboFix 11-07-26.02 - Chevy opava 26.07.2011 10:27:16.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1919.808 [GMT 2:00]
Spuštěný z: c:\users\Chevy opava\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\~.inf
.
c:\windows\system32\Drivers\atapi.sys . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-26 09:01 . 2011-07-26 09:22 -------- d-----w- c:\users\Chevy opava\AppData\Local\temp
2011-07-26 09:01 . 2011-07-26 09:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-25 20:24 . 2011-07-20 07:44 6881616 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-25 12:21 . 2011-07-25 12:24 373297 ----a-w- c:\windows\system32\~.tmp
2011-07-25 10:11 . 2011-07-25 10:11 -------- d-----w- c:\programdata\Kaspersky Lab
2011-07-22 13:25 . 2011-07-22 13:25 -------- d-----w- c:\users\Chevy opava\AppData\Roaming\Malwarebytes
2011-07-22 13:25 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-22 13:24 . 2011-07-22 13:24 -------- d-----w- c:\programdata\Malwarebytes
2011-07-22 13:24 . 2011-07-22 13:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-22 13:24 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-22 07:47 . 2011-07-22 07:50 -------- d-----w- c:\program files\trend micro
2011-07-13 12:54 . 2011-07-13 12:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-13 12:52 . 2011-07-13 12:52 -------- d-----w- c:\windows\system32\SPReview
2011-07-13 12:51 . 2011-07-13 12:51 -------- d-----w- c:\windows\system32\EventProviders
2011-07-13 12:50 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-07-13 12:50 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-07-13 12:50 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-07-13 08:52 . 2011-07-13 08:52 -------- d-----w- c:\program files\Selteco
2011-07-13 06:05 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-07-13 06:05 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-07-13 06:05 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-07-13 06:05 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-07-13 06:05 . 2011-03-25 02:57 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-07-13 06:05 . 2011-03-25 02:57 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-07-13 06:05 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-07-13 06:05 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2011-06-30 07:07 . 2011-06-30 07:07 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 06:22 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 06:22 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2011-06-29 06:22 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 06:22 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 06:22 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 06:22 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 06:22 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 06:22 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 06:22 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 06:22 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 06:22 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 06:05 . 2011-05-27 07:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-13 15:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-26 06:54 . 2011-05-26 06:54 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-05-24 17:14 . 2011-05-24 07:08 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 10:37 . 2011-05-26 06:24 6962000 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1C79C17B-5F69-422E-A550-2DC3468CCF04}\mpengine.dll
2011-05-04 02:52 . 2010-08-12 08:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-20 06:40 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-20 06:40 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-20 06:40 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-20 06:40 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 13:25 . 2011-04-27 13:25 65024 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-02-15 17:07 4390912 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-11-23 13:27 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1343400]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 SBS_GM_TOMCAT6;SBS_GM_TOMCAT6;c:\program files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe //RS//SBS_GM_TOMCAT6 [x]
S2 SBS_GM_TRANSBASE;SBS_GM_TRANSBASE;c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe [2009-09-03 417792]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-04-19 24576]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér;c:\windows\system32\DRIVERS\l260x86.sys [2009-07-13 29184]
S3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-06-06 1260672]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\
FF - prefs.js: browser.startup.homepage - hxxp://autosalon-schromm.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Express Tab: {6236BA26-C117-4007-928C-DE0716C7FA82} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2216)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\windows\system32\taskhost.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\windows\system32\conhost.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\totalcmd\TOTALCMD.EXE
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\windows\system32\rundll32.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Chevy opava\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26 11:28:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 09:28
.
Před spuštěním: Volných bajtů: 38 406 557 696
Po spuštění: Volných bajtů: 38 288 867 328
.
- - End Of File - - AA3AA04B07AB2B19ED5D657688376C76

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

c:\windows\system32\Drivers\atapi.sys/color]
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Send File
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

tady by to mělo být
http://www.virustotal.com/file-scan/rep ... 311677089#

Activex vyřešen stále ještě zbývá zapnutí služby zabezpečení. MSE je nainstalován ale nejde spustit..

Tak už běží vše.

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

A pokud nejsou problemy ci dotazy, je to vse

Děkuji za všechny postupy co jste tu semnou prošel ..

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

VIRY.CZ

nejde spustit centrum zabezpečení ve win 7 a activex prvky

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv