GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-31 01:48:49
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\marek\LOCALS~1\Temp\uxtdypog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB13F76B8]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateFile [0xB16D1868]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB13F7574]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateProcess [0xB16D0E90]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateProcessEx [0xB16D0D9C]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateThread [0xB16D13FC]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwDeleteFile [0xB16D2210]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwDeleteKey [0xB16CE786]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB13F7A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB13F714C]
SSDT \SystemRoot\system32\drivers\sbhips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software, Inc.) ZwLoadDriver [0xBA7BC01C]
SSDT \SystemRoot\system32\drivers\sbhips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software, Inc.) ZwMapViewOfSection [0xBA7BC168]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwOpenFile [0xB16D1B54]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB13F764E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB13F708C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB13F70F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB13F776E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB13F772E]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwResumeThread [0xB16D14EC]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwSetInformationFile [0xB16D1E8C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB13F78AE]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwWriteFile [0xB16D1DE0]
---- Kernel code sections - GMER 1.0.15 ----
.reloc C:\WINDOWS\system32\drivers\acehlp10.sys section is executable [0xB9FE6700, 0x2919C, 0xE0000060]
.reloc C:\WINDOWS\system32\drivers\acedrv10.sys section is executable [0xB0BF0000, 0x4549F, 0xE0000060]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\xampp\apache\bin\apache.exe[132] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\xampp\apache\bin\apache.exe[132] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000708C4
.text C:\Program Files\xampp\apache\bin\apache.exe[132] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00070838
.text C:\Program Files\xampp\apache\bin\apache.exe[132] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00070950
.text C:\Program Files\xampp\apache\bin\apache.exe[132] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\Program Files\xampp\apache\bin\apache.exe[132] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\xampp\mysql\bin\mysqld-nt.exe[244] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\CyberLink\Shared files\RichVideo.exe[292] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[328] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] ntdll.dll!RtlLargeIntegerToChar + 1CA 7C960C6E 1 Byte [92]
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00030090
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00030694
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00030234
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00030004
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0003011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0003057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0003034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00030464
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00030608
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00030720
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00030DB0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00030F54
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00030D24
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00030E3C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00030FE0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[364] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00030EC8
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[412] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[412] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[412] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\WINDOWS\system32\wdfmgr.exe[496] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\WINDOWS\system32\wdfmgr.exe[496] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\WINDOWS\system32\wdfmgr.exe[496] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\Explorer.EXE[584] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\Explorer.EXE[584] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\Explorer.EXE[584] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\Explorer.EXE[584] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00080DB0
.text C:\WINDOWS\Explorer.EXE[584] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00080F54
.text C:\WINDOWS\Explorer.EXE[584] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00080D24
.text C:\WINDOWS\Explorer.EXE[584] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00080E3C
.text C:\WINDOWS\Explorer.EXE[584] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00080FE0
.text C:\WINDOWS\Explorer.EXE[584] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00080EC8
.text C:\WINDOWS\Explorer.EXE[584] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\Explorer.EXE[584] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\Explorer.EXE[584] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[784] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\SOUNDMAN.EXE[804] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\SOUNDMAN.EXE[804] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\SOUNDMAN.EXE[804] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001601A8
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00160090
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00160694
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001602C0
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00160234
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00160004
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0016011C
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001604F0
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0016057C
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001603D8
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0016034C
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00160464
.text C:\WINDOWS\system32\csrss.exe[812] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00160608
.text C:\WINDOWS\system32\csrss.exe[812] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001607AC
.text C:\WINDOWS\system32\csrss.exe[812] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00160720
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Procesor
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\WINDOWS\system32\winlogon.exe[840] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\WINDOWS\system32\winlogon.exe[840] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\WINDOWS\system32\winlogon.exe[840] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000708C4
.text C:\WINDOWS\system32\winlogon.exe[840] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00070838
.text C:\WINDOWS\system32\winlogon.exe[840] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00070950
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00070DB0
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00070F54
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00070D24
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00070E3C
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00070FE0
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00070EC8
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\services.exe[884] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\services.exe[884] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\lsass.exe[904] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\lsass.exe[904] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\lsass.exe[904] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\lsass.exe[904] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\lsass.exe[904] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1084] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1084] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1084] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1084] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1084] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1144] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1144] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1144] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1144] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1144] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\svchost.exe[1184] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\svchost.exe[1184] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\svchost.exe[1184] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\svchost.exe[1184] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\svchost.exe[1184] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00080DB0
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00080F54
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00080D24
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00080E3C
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00080FE0
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00080EC8
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000708C4
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00070838
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00070950
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] ws2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] ws2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00130DB0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00130F54
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00130D24
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00130E3C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00130FE0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00130EC8
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00130DB0
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00130F54
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00130D24
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00130E3C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00130FE0
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\WINDOWS\system32\winlogon.exe[840] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\WINDOWS\system32\winlogon.exe[840] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\WINDOWS\system32\winlogon.exe[840] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\WINDOWS\system32\winlogon.exe[840] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000708C4
.text C:\WINDOWS\system32\winlogon.exe[840] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00070838
.text C:\WINDOWS\system32\winlogon.exe[840] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00070950
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00070DB0
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00070F54
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00070D24
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00070E3C
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00070FE0
.text C:\WINDOWS\system32\winlogon.exe[840] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00070EC8
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\services.exe[884] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\services.exe[884] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\services.exe[884] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\lsass.exe[904] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\lsass.exe[904] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\lsass.exe[904] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\lsass.exe[904] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\lsass.exe[904] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\lsass.exe[904] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1036] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\system32\Ati2evxx.exe[1068] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1084] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1084] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1084] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1084] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1084] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1084] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1144] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1144] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1144] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1144] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1144] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1144] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Documents and Settings\marek\Desktop\gmer.exe[1168] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\svchost.exe[1184] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\svchost.exe[1184] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\svchost.exe[1184] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\svchost.exe[1184] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\svchost.exe[1184] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\svchost.exe[1184] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00080DB0
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00080F54
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00080D24
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00080E3C
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00080FE0
.text C:\WINDOWS\System32\svchost.exe[1184] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00080EC8
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000708C4
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00070838
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00070950
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\Program Files\xampp\apache\bin\apache.exe[1208] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] ws2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] ws2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00130DB0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00130F54
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00130D24
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00130E3C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00130FE0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1216] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00130EC8
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00130DB0
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00130F54
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00130D24
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00130E3C
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00130FE0
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
.text C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe[1228] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00130EC8
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1244] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1244] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1244] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1244] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1244] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] ws2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] ws2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1372] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1372] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1372] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Winamp\winampa.exe[1400] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\Program Files\Winamp\winampa.exe[1400] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\spoolsv.exe[1692] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\spoolsv.exe[1692] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\spoolsv.exe[1692] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\spoolsv.exe[1692] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\spoolsv.exe[1692] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1824] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1824] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00080DB0
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00080F54
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00080D24
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00080E3C
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00080FE0
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00080EC8
.text C:\WINDOWS\system32\svchost.exe[1824] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1824] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1824] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] ws2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] ws2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\wuauclt.exe[3472] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\wuauclt.exe[3472] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1244] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1244] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1244] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1244] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1244] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1244] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1280] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] ws2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] ws2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1292] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1372] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1372] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1372] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Winamp\winampa.exe[1400] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Winamp\winampa.exe[1400] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000707AC
.text C:\Program Files\Winamp\winampa.exe[1400] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00070720
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1436] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1484] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\spoolsv.exe[1692] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\spoolsv.exe[1692] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\spoolsv.exe[1692] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\spoolsv.exe[1692] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\spoolsv.exe[1692] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\spoolsv.exe[1692] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[1748] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1824] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1824] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenW 771BAF39 5 Bytes JMP 00080DB0
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetConnectA 771C344A 5 Bytes JMP 00080F54
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenA 771C5786 5 Bytes JMP 00080D24
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenUrlA 771C5A52 5 Bytes JMP 00080E3C
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetConnectW 771CEE30 5 Bytes JMP 00080FE0
.text C:\WINDOWS\system32\svchost.exe[1824] WININET.dll!InternetOpenUrlW 771D5BA2 5 Bytes JMP 00080EC8
.text C:\WINDOWS\system32\svchost.exe[1824] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1824] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1824] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] ws2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] ws2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\ATI Technologies\ATI.ACE\cli.exe[1864] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\system32\Ati2evxx.exe[1872] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[3388] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\wuauclt.exe[3472] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\wuauclt.exe[3472] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\wuauclt.exe[3472] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\alg.exe[3932] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\alg.exe[3932] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\alg.exe[3932] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\alg.exe[3932] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\alg.exe[3932] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[884] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003F0002
IAT C:\WINDOWS\system32\services.exe[884] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003F0000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs LF30XP.sys
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \FatCdrom LF30XP.sys
Device \FileSystem\Mup \Dfs LF30XP.sys
AttachedDevice \Driver\Tcpip \Device\Ip SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Serial \Device\Serial0 LF30XP.sys
Device \Driver\Serial \Device\Serial1 LF30XP.sys
Device \FileSystem\RAW \Device\RawTape LF30XP.sys
Device \FileSystem\MRxDAV \Device\WebDavRedirector LF30XP.sys
Device \Driver\rdpdr \Device\RdpDrPort LF30XP.sys
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
Device \Driver\ParVdm \Device\ParallelVdm0 LF30XP.sys
Device \Driver\rdpdr \Device\RdpDr LF30XP.sys
Device \FileSystem\Rdbss \Device\FsWrap LF30XP.sys
Device \Driver\Parport \Device\Parallel0 LF30XP.sys
Device \FileSystem\Mup \Device\Mup LF30XP.sys
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \FileSystem\RAW \Device\RawDisk LF30XP.sys
Device \Driver\Ptilink \Device\ParTechInc0 LF30XP.sys
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver LF30XP.sys
Device \FileSystem\MRxSmb \Device\LanmanRedirector LF30XP.sys
Device \FileSystem\Npfs \Device\NamedPipe LF30XP.sys
Device \FileSystem\Msfs \Device\Mailslot LF30XP.sys
Device \Driver\AFD \Device\Afd LF30XP.sys
Device \FileSystem\RAW \Device\RawCdRom LF30XP.sys
Device \FileSystem\Mup \Device\WinDfs\Root LF30XP.sys
Device \FileSystem\Fastfat \Fat LF30XP.sys
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer LF30XP.sys
Device \FileSystem\Cdfs \Cdfs LF30XP.sys
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFD 0xE6 0xE6 0xD3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFD 0xE6 0xE6 0xD3 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFD 0xE6 0xE6 0xD3 ...
---- EOF - GMER 1.0.15 ----
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] WS2_32.dll!socket 71AB4211 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[3512] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3672] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\alg.exe[3932] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\alg.exe[3932] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\alg.exe[3932] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\alg.exe[3932] WS2_32.dll!socket 71AB4211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\alg.exe[3932] WS2_32.dll!bind 71AB4480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\alg.exe[3932] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 00080950
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[884] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003F0002
IAT C:\WINDOWS\system32\services.exe[884] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003F0000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs LF30XP.sys
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \FatCdrom LF30XP.sys
Device \FileSystem\Mup \Dfs LF30XP.sys
AttachedDevice \Driver\Tcpip \Device\Ip SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Serial \Device\Serial0 LF30XP.sys
Device \Driver\Serial \Device\Serial1 LF30XP.sys
Device \FileSystem\RAW \Device\RawTape LF30XP.sys
Device \FileSystem\MRxDAV \Device\WebDavRedirector LF30XP.sys
Device \Driver\rdpdr \Device\RdpDrPort LF30XP.sys
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
Device \Driver\ParVdm \Device\ParallelVdm0 LF30XP.sys
Device \Driver\rdpdr \Device\RdpDr LF30XP.sys
Device \FileSystem\Rdbss \Device\FsWrap LF30XP.sys
Device \Driver\Parport \Device\Parallel0 LF30XP.sys
Device \FileSystem\Mup \Device\Mup LF30XP.sys
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \FileSystem\RAW \Device\RawDisk LF30XP.sys
Device \Driver\Ptilink \Device\ParTechInc0 LF30XP.sys
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver LF30XP.sys
Device \FileSystem\MRxSmb \Device\LanmanRedirector LF30XP.sys
Device \FileSystem\Npfs \Device\NamedPipe LF30XP.sys
Device \FileSystem\Msfs \Device\Mailslot LF30XP.sys
Device \Driver\AFD \Device\Afd LF30XP.sys
Device \FileSystem\RAW \Device\RawCdRom LF30XP.sys
Device \FileSystem\Mup \Device\WinDfs\Root LF30XP.sys
Device \FileSystem\Fastfat \Fat LF30XP.sys
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer LF30XP.sys
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer LF30XP.sys
Device \FileSystem\Cdfs \Cdfs LF30XP.sys
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFD 0xE6 0xE6 0xD3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFD 0xE6 0xE6 0xD3 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFD 0xE6 0xE6 0xD3 ...
---- EOF - GMER 1.0.15 ----
Re: Procesor
změnilo se něco?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
tak sledujem to stale cez VYKON PROCESORA, a ked spustim ten film tak to skače od 90-100 využitia procesora, skusal som spustit sony vegas, sputalo dlhšie ako obvykle. ale zas v photoshope mi to nesekalo momentálne až tak. Využitie skáče rôzne od dákych 10 % - až do tej 90 alebo 100 %. ..Ešte sa mi tam ponúka niekolko automatickych aktualizácii mám ich nahodiť všetky?
Re: Procesor
Zkuste. Jinak je pc v pořádku?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
Inak by mal byť, no vlastne ešte bol problém že sa hocikedy sám od seba reštartoval..to je jedno pričom..bežal a sam od seba restartoval.
Re: Procesor
Tento program znáte?C:\Program Files\Everstrike Software\Lock Folder XP 3.6
Můžete ho třeba přes Revo uninstall odinstalovat a nainstalovat znovu?
můžete doinstalovat sp3? když se počítač restartuje, vyhodí modrou obrazovku? Pokud ano, není pod těmi čísly napsaná i nějaká chyba souboru?Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
Je to program na skrytie určitých zložiek priečinkov. K čomu bude dobré preinštalovanie? .alebo ho odstránim radšej celý?
SP3 je tam. keď si dám vlastnosti pc tak už ukazuje windows service pack 3.
A nie ak sa reštartuje nevyhadzuje modrú obrazovku iba vtedy keď som opisoval tuna ten problém vtedy to naskočilo, a mám pocit že tam nebolo pod číslami napísana chyba..
SP3 je tam. keď si dám vlastnosti pc tak už ukazuje windows service pack 3.
A nie ak sa reštartuje nevyhadzuje modrú obrazovku iba vtedy keď som opisoval tuna ten problém vtedy to naskočilo, a mám pocit že tam nebolo pod číslami napísana chyba..
Re: Procesor
Omlouvám se, nevšimla jsem si, že už jste sp3 instaloval. Už se na těch 4stránkách trochu ztrácím 
.
Driver od toho programu je vypsaný v gmeru a moc se mi to nezdá, proto jsem ho chtěla zkusit přeinstalovat, jestli třeba není napadený
.
Až program přeinstalujete, spustte znovu combofix
.Driver od toho programu je vypsaný v gmeru a moc se mi to nezdá, proto jsem ho chtěla zkusit přeinstalovat, jestli třeba není napadený
.Až program přeinstalujete, spustte znovu combofix
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
Pri tom odinštalovaní cez Revo tam našlo pri tom programe staré položky registrov (22 ich je) je tam ze treba byť opatrný tak pre istotu sa pýtam, mám ich všetky dať zmazať alebo niektoré nie? alebo vôbec nie?
Re: Procesor
Záleží co to jsou za položky. Napízí revo možnost nějaké zálohy? Ale když tak máme zálohu registru od combofixu. Dejte ano
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
sxewarrior
- Návštěvník
- Příspěvky: 85
- Registrován: 10 lis 2009 13:39
Re: Procesor
neponukal nič také, takže zmazane, odinštalované. nainštalujem znova alebo rovno prejdem na combofix?
Re: Procesor
Nainstalujte znovu
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?