
spinetta

Members
  • Posts

    6
  • Joined

  • Last visited

  1. I did everything as described above. Many thanks for guiding me through the process of cleaning my computer. All the best! spinetta
  2. Hello, the computer is working well. The screen froze once in Firefox, so I reinstalled it. For two days everything has been working flawlessly: programs do not close, the bluescreen has not appeared even once, and the browser runs quickly and without errors. Please let me know whether there is anything else I should do. Kind regards.
  3. The folder was empty. These symptoms did not occur constantly, so I need to observe for a few days. I will write in a few days. Thank you and have a nice weekend. One more request: please recommend a good antivirus program to install in place of Norton Antivirus. Once again, many thanks.
  4. Hello again, I applied all the recommended measures. I am attaching the logs. Thank you very much for the help. klcp_codec_log.txt OTL.Txt AdwCleanerS1.txt
  5. Many thanks to Ms. picasso for the quick help. As for Norton Antivirus, it was indeed installed in 2007, but I renew the subscription every year and have the LiveUpdate service enabled, so it should be doing its job well. In that case, do I have to remove it completely from the computer before carrying out the recommendations? Kind regards, spinetta
  6. Hello, I am asking for help in healing my computer. For a few months I had observed the system slowing down, but for the past month more worrying signs have been appearing, e.g.: - the Ask toolbar being inserted into the Firefox toolbar - after system startup the cursor freezes on the initial screen, does not respond to the mouse, and Task Manager cannot be opened - after system startup a bluescreen suddenly appears and a restart follows - Windows Explorer reports programs being closed after an "unexpected error" I once downloaded AllPlayer and afterwards saw some undesirable behaviour, so I uninstalled it, but maybe something came along with it and stayed behind? I also downloaded K-lite Codec Pack for it, because WMP would not play something and displayed a message that some .dll file was missing - and recently I read on this forum that this pack also sometimes contains suspicious content; should I uninstall it? I recently looked through Windows Defender and found information there about the presence of GProton. There are also the files vdm.exe and npp.exe - are they suspicious? I am attaching the logs. Please give me step-by-step instructions in plain language, as I am very afraid of doing something wrong and causing damage.
Regards, spinetta OTL.Txt Extras.Txt