Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Firefox načítá stránky nezvykle pomalu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Firefox načítá stránky nezvykle pomalu

#1 Příspěvek od The.Brain »

Dobrý den, prosím o kontrolu, Firefox načítá stránky nezvykle pomalu (u jiných aplikací jsem pomalost nepozoroval). Děkuji.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomáš Křivánek at 2010-02-27 15:02:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (10%) free of 50 GB
Total RAM: 1023 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03:31, on 27.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Razer\Reclusa\razerhid.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Razer\Reclusa\razertra.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\713xRMTMon.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Tomáš Křivánek\Plocha\RSIT.exe
C:\Program Files\trend micro\Tomáš Křivánek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.karneval.cz:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Reclusa] C:\Program Files\Razer\Reclusa\razerhid.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9468 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-06-25 335872]
"SMSERIAL"=C:\WINDOWS\sm56hlpr.exe [2000-11-22 462848]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-10-05 866584]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-03-21 69632]
"Reclusa"=C:\Program Files\Razer\Reclusa\razerhid.exe [2007-03-07 167936]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 1037736]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2008-07-12 249856]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-05-15 1628208]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-15 1057328]
"TV Card Remote Control Device Monitor"=C:\WINDOWS\713xRMTMon.exe [2005-07-20 352256]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-17 490952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-12-08 26694952]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-05-12 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-10-05 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoResolveSearch"=
"HonorAutoRunSetting"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"C:\Games\Counter-Strike Source\hl2.exe"="C:\Games\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Casino\ParadiseCasino - Czech\casino.exe"="C:\Casino\ParadiseCasino - Czech\casino.exe:*:Enabled:casino"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-02-26 10:52:45 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2010-02-26 10:52:44 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2010-02-24 03:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-14 12:27:00 ----D---- C:\Documents and Settings\Tomáš Křivánek\Data aplikací\skypePM
2010-02-14 12:25:30 ----D---- C:\Documents and Settings\Tomáš Křivánek\Data aplikací\Skype
2010-02-14 12:25:04 ----D---- C:\Program Files\Common Files\Skype
2010-02-14 12:24:55 ----RD---- C:\Program Files\Skype
2010-02-10 03:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 03:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 03:04:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 03:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 03:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 03:03:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 03:02:21 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 03:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 03:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$

======List of files/folders modified in the last 1 months======

2010-02-27 15:03:05 ----D---- C:\Program Files\trend micro
2010-02-27 15:02:57 ----D---- C:\WINDOWS\Prefetch
2010-02-27 09:10:02 ----D---- C:\WINDOWS\system32\config
2010-02-27 03:01:07 ----D---- C:\WINDOWS\Temp
2010-02-27 02:51:37 ----SD---- C:\WINDOWS\Tasks
2010-02-27 02:47:50 ----D---- C:\Program Files\lg_fwupdate
2010-02-27 02:47:47 ----A---- C:\WINDOWS\lgfwup.ini
2010-02-27 02:46:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-27 02:44:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-26 10:52:45 ----AD---- C:\Program Files
2010-02-26 10:50:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-02-25 22:56:52 ----D---- C:\WINDOWS
2010-02-24 09:16:06 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-02-24 03:02:54 ----HD---- C:\WINDOWS\inf
2010-02-24 03:02:39 ----D---- C:\WINDOWS\system32
2010-02-21 15:59:13 ----D---- C:\Games
2010-02-21 15:17:06 ----D---- C:\Casino
2010-02-20 09:22:47 ----D---- C:\Documents and Settings\Tomáš Křivánek\Data aplikací\ICQ
2010-02-17 21:30:18 ----D---- C:\Program Files\ICQ6.5
2010-02-15 05:30:17 ----D---- C:\Program Files\DOSBox-0.72
2010-02-14 12:25:29 ----SHD---- C:\WINDOWS\Installer
2010-02-14 12:25:28 ----SHD---- C:\Config.Msi
2010-02-14 12:25:04 ----AD---- C:\Program Files\Common Files
2010-02-14 12:24:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-02-13 21:10:27 ----D---- C:\Documents and Settings
2010-02-13 20:40:16 ----D---- C:\WINDOWS\Debug
2010-02-13 11:21:58 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-10 03:07:15 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-10 03:07:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-10 03:07:10 ----D---- C:\WINDOWS\system32\drivers
2010-02-07 09:34:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-06 12:41:31 ----SHD---- C:\WINDOWS\CSC
2010-02-04 15:56:59 ----D---- C:\Program Files\Common Files\Adobe
2010-02-04 15:56:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-15 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-15 38576]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2006-05-13 165376]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-05-13 18048]
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2004-08-23 11089]
R2 PPCLASS;PPCLASS; C:\WINDOWS\system32\drivers\PPCLASS.sys [1997-04-09 85868]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2008-05-12 3007488]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-26 25280]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-04-08 29696]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-04-08 282880]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2007-08-21 21760]
R3 RecFltr;Reclusa Keyboard; C:\WINDOWS\System32\Drivers\RecFltr.sys [2007-01-18 41984]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-15 118576]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-09-05 279552]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S2 PPSCAN;PPSCAN; C:\WINDOWS\system32\drivers\PPSCAN.sys [1998-02-20 115136]
S2 WDMTVTuner;Universal WDM TV Tuner; C:\WINDOWS\system32\drivers\WDMTuner.sys [2005-09-05 25984]
S3 adtfzp7o;adtfzp7o; C:\WINDOWS\system32\drivers\adtfzp7o.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cirrus;cirrus; C:\WINDOWS\System32\DRIVERS\cirrus.sys [2001-08-17 45696]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2004-09-13 49611]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 npkcrypt;npkcrypt; \??\C:\Games\Lineage II\system\npkcrypt.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 52384]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 6064]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 84512]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 smserial;smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-05-12 540672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-15 1550896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-02-22 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2005-05-07 126976]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-10-05 13592]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-05-12 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: Firefox načítá stránky nezvykle pomalu

#2 Příspěvek od earl »

Zdravim,

:arrow:Otestujte na VIRUSTOTALu a JOTTISCANu

C:\WINDOWS\713xRMTMon.exe

(navod prosty: po nacteni stranky kliknete na tlacitko Prochazet , najdete cestu k vyse zminenemu souboru a kliknete na tlacitko Odeslat soubor; dejte skenerum nejakych deset minut; vysledky sem vlozte)

Pokud skener napíše, že soubor již byl testován, dejte otestovat znovu.

:arrow: Odinstalujte Spybot,mate Windows Defender.

:arrow: Odinstalujte Avast,mate MSE

:arrow: Vycistete pc Ccleanerem.

Vzdy nejprve Analyzovat a pak Spustit Cleaner.2x po sobe.

Windows-odskrtnout historii a historii automatickeho vyplnovani formularu - prisel byste o historii navstivenych stranek a o ulozena hesla ve formularich

(je to sice z pohledu zabezpeceni spatne,ale aspon pak uzivatel nenadava,kam ze mu to zmizelo :D )

Aplikace-u prohlizecu internetu odskrtnout Historii internetu.

Registry-nechat vse zaskrtle,Hledej problemy,Opravit vybrane problemy

(nechat ho udelat zalohu-ta je ulozena v Dokumentech-DULEZITE).

Taktez 2x-3x po sobe.

:arrow: Stahnete GMER , rozbalte a spustte

probehne sken, po jehoz ukonceni na vas vyskoci vysledky

pote kliknete na Save a ulozite tak log, jehoz obsah sem vlozte

pote dle tohoto navodu

absolvujte druhy sken a opet obsah logu sem.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#3 Příspěvek od The.Brain »

:arrow: Otestováno s následujícími výsledky:
0/41 (0%)
a
Test dokončen. 0 z 20 programů nalezlo škodlivý kód.

:arrow: Spybot odinstalován

:arrow: Avast v tomto PC nenalezen :)

:arrow: Vyčištění CCleanerem provedeno

:arrow: GMER scan proveden, log č. 1:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-27 16:31:44
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\TOMKIV~1\LOCALS~1\Temp\uxrirpod.sys


---- System - GMER 1.0.15 ----

SSDT spyb.sys ZwEnumerateKey [0xF7385CA2]
SSDT spyb.sys ZwEnumerateValueKey [0xF7386030]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 86BCA1F8

AttachedDevice \FileSystem\Ntfs \Ntfs InCDrec.SYS (InCD File System Recognizer/Nero AG)

Device \FileSystem\Fastfat \Fat 86906368

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat InCDrec.SYS (InCD File System Recognizer/Nero AG)
AttachedDevice \Driver\Tcpip \Device\Ip fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Tcp fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Udp fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\RawIp fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)

---- EOF - GMER 1.0.15 ----

Avizovaných 5-10 minut druhého testu trvalo bezmála 5 hodin, log obsahuje asi 200.000 znaků, proto bude rozdělen do několika dalších příspěvků:
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: Firefox načítá stránky nezvykle pomalu

#4 Příspěvek od earl »

OK.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#5 Příspěvek od The.Brain »

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-27 20:55:31
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\TOMKIV~1\LOCALS~1\Temp\uxrirpod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwClose [0xAA716F80]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwCreateFile [0xAA716552]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwCreateKey [0xAA712882]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwCreateProcess [0xAA715A1A]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwCreateProcessEx [0xAA715910]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwCreateThread [0xAA715F2A]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwDeleteFile [0xAA717034]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwDeleteKey [0xAA712D54]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwDeleteValueKey [0xAA712E70]
SSDT spyb.sys ZwEnumerateKey [0xF7385CA2]
SSDT spyb.sys ZwEnumerateValueKey [0xF7386030]
SSDT \SystemRoot\system32\drivers\khips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software) ZwLoadDriver [0xAA492F64]
SSDT \SystemRoot\system32\drivers\khips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software) ZwMapViewOfSection [0xAA49324A]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwOpenFile [0xAA716906]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwOpenKey [0xAA712B78]
SSDT spyb.sys ZwQueryKey [0xF7386108]
SSDT spyb.sys ZwQueryValueKey [0xF7385F88]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwResumeThread [0xAA7160DC]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwSetInformationFile [0xAA716CE0]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwSetValueKey [0xAA713038]
SSDT \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software) ZwWriteFile [0xAA716BB2]

INT 0x62 ? 86BCBBF8
INT 0x63 ? 86A73F00
INT 0x73 ? 86A73F00
INT 0x82 ? 86BCBBF8
INT 0x83 ? 86A73F00

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 3CC 804E2A38 1 Byte [E0]
? spyb.sys Systém nemůže nalézt uvedený soubor. !
PAGENDSM NDIS.sys!NdisMIndicateStatus F71C99EF 6 Bytes JMP AA70AC5E \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
.text USBPORT.SYS!DllUnload F6B538AC 5 Bytes JMP 86A734E0
init C:\WINDOWS\system32\drivers\nvax.sys entry point in "init" section [0xF77CCA1E]
.text C:\WINDOWS\System32\DRIVERS\ati2mtag.sys section is writeable [0xF669D000, 0x18FFBC, 0xE8000020]
.text a0p8llm2.SYS F664F386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a0p8llm2.SYS F664F3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a0p8llm2.SYS F664F3C4 3 Bytes [00, 50, 02] {ADD [EAX+0x2], DL}
.text a0p8llm2.SYS F664F3C9 1 Byte [26]
.text a0p8llm2.SYS F664F3C9 11 Bytes [26, 00, 00, 00, 32, 02, 00, ...] {ADD ES:[EAX], AL; ADD [EDX], DH; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xA7EC6300, 0x22020, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xF7887300, 0x1B7E, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[188] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] wininet.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00070F54
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] wininet.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00070FE0
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] wininet.dll!InternetOpenA 40C23081 5 Bytes JMP 00070D24
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] wininet.dll!InternetOpenW 40C236B1 5 Bytes JMP 00070DB0
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] wininet.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00070E3C
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] wininet.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00070EC8
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] WS2_32.dll!socket 71A94211 5 Bytes JMP 000708C4
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] WS2_32.dll!bind 71A94480 5 Bytes JMP 00070838
.text c:\Program Files\Microsoft Security Essentials\MsMpEng.exe[236] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00070950
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] wininet.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00070F54
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] wininet.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00070FE0
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] wininet.dll!InternetOpenA 40C23081 5 Bytes JMP 00070D24
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] wininet.dll!InternetOpenW 40C236B1 5 Bytes JMP 00070DB0
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] wininet.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00070E3C
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] wininet.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00070EC8
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] WS2_32.dll!socket 71A94211 5 Bytes JMP 000708C4
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] WS2_32.dll!bind 71A94480 5 Bytes JMP 00070838
.text C:\Program Files\Windows Defender\MsMpEng.exe[244] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00070950
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\svchost.exe[304] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\svchost.exe[304] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\svchost.exe[304] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\svchost.exe[304] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\svchost.exe[304] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\svchost.exe[304] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\WINDOWS\System32\svchost.exe[304] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00080F54
.text C:\WINDOWS\System32\svchost.exe[304] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00080FE0
.text C:\WINDOWS\System32\svchost.exe[304] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00080D24
.text C:\WINDOWS\System32\svchost.exe[304] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00080DB0
.text C:\WINDOWS\System32\svchost.exe[304] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00080E3C
.text C:\WINDOWS\System32\svchost.exe[304] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00080EC8
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\svchost.exe[420] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\svchost.exe[420] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\svchost.exe[420] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\svchost.exe[420] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\svchost.exe[420] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\svchost.exe[420] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Bonjour\mDNSResponder.exe[440] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\Ati2evxx.exe[536] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\Ati2evxx.exe[536] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\system32\Ati2evxx.exe[536] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[584] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00070F54
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00070FE0
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00070D24
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00070DB0
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00070E3C
.text C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe[648] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00070EC8
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Java\jre6\bin\jqs.exe[692] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[736] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[736] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[736] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[736] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[736] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[736] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Windows Defender\MSASCui.exe[788] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Windows Defender\MSASCui.exe[788] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Windows Defender\MSASCui.exe[788] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[908] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001601A8
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00160090
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00160694
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001602C0
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00160234
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00160004
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0016011C
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001604F0
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0016057C
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001603D8
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0016034C
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00160464
.text C:\WINDOWS\system32\csrss.exe[1108] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00160608
.text C:\WINDOWS\system32\csrss.exe[1108] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001607AC
.text C:\WINDOWS\system32\csrss.exe[1108] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00160720
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#6 Příspěvek od The.Brain »

.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\WINDOWS\system32\winlogon.exe[1144] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\WINDOWS\system32\winlogon.exe[1144] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\WINDOWS\system32\winlogon.exe[1144] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\WINDOWS\system32\winlogon.exe[1144] WS2_32.dll!socket 71A94211 5 Bytes JMP 000708C4
.text C:\WINDOWS\system32\winlogon.exe[1144] WS2_32.dll!bind 71A94480 5 Bytes JMP 00070838
.text C:\WINDOWS\system32\winlogon.exe[1144] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00070950
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[1164] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\services.exe[1188] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\services.exe[1188] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\services.exe[1188] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\lsass.exe[1200] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\lsass.exe[1200] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\lsass.exe[1200] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\lsass.exe[1200] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\lsass.exe[1200] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\lsass.exe[1200] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\spoolsv.exe[1276] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\spoolsv.exe[1276] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\spoolsv.exe[1276] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\spoolsv.exe[1276] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\spoolsv.exe[1276] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\spoolsv.exe[1276] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe[1352] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\system32\Ati2evxx.exe[1396] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Razer\Reclusa\razerhid.exe[1408] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1416] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1416] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1416] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1416] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1416] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1416] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe[1448] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\svchost.exe[1528] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\svchost.exe[1528] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\svchost.exe[1528] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\svchost.exe[1528] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\svchost.exe[1528] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\svchost.exe[1528] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe[1680] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[1740] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00030090
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00030694
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00030234
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00030004
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0003011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0003057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0003034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00030464
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00030608
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00030720
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WS2_32.dll!socket 71A94211 5 Bytes JMP 000308C4
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WS2_32.dll!bind 71A94480 5 Bytes JMP 00030838
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00030950
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00030F54
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00030FE0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00030D24
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00030DB0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00030E3C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe[1752] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00030EC8
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\svchost.exe[1812] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\svchost.exe[1812] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\svchost.exe[1812] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\UAService7.exe[1828] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[1916] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\PnkBstrA.exe[1968] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#7 Příspěvek od The.Brain »

.text C:\WINDOWS\system32\PnkBstrA.exe[1968] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\svchost.exe[2024] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\svchost.exe[2024] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\svchost.exe[2024] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\svchost.exe[2024] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00080F54
.text C:\WINDOWS\System32\svchost.exe[2024] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00080FE0
.text C:\WINDOWS\System32\svchost.exe[2024] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00080D24
.text C:\WINDOWS\System32\svchost.exe[2024] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00080DB0
.text C:\WINDOWS\System32\svchost.exe[2024] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00080E3C
.text C:\WINDOWS\System32\svchost.exe[2024] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00080EC8
.text C:\WINDOWS\System32\svchost.exe[2024] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\svchost.exe[2024] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\svchost.exe[2024] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2060] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\lg_fwupdate\fwupdate.exe[2068] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\wbem\wmiapsrv.exe[2080] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe[2172] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00070F54
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00070FE0
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00070D24
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00070DB0
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00070E3C
.text C:\Program Files\Nero\Nero 7\InCD\InCD.exe[2184] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00070EC8
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\WINDOWS\713xRMTMon.exe[2192] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\WINDOWS\713xRMTMon.exe[2192] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\WINDOWS\713xRMTMon.exe[2192] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00070F54
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00070FE0
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00070D24
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00070DB0
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00070E3C
.text C:\Program Files\Microsoft Security Essentials\msseces.exe[2208] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00070EC8
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] ws2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] ws2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Java\jre6\bin\jusched.exe[2224] ws2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Documents and Settings\Tomáš Křivánek\Plocha\gmer.exe[2288] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\ctfmon.exe[2304] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\ctfmon.exe[2304] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\ctfmon.exe[2304] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000701A8
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070090
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00070694
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000702C0
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070234
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00070004
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0007011C
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000704F0
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0007057C
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000703D8
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0007034C
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00070464
.text C:\Program Files\Messenger\msmsgs.exe[2320] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00070608
.text C:\Program Files\Messenger\msmsgs.exe[2320] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000707AC
.text C:\Program Files\Messenger\msmsgs.exe[2320] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00070720
.text C:\Program Files\Messenger\msmsgs.exe[2320] WS2_32.dll!socket 71A94211 5 Bytes JMP 000708C4
.text C:\Program Files\Messenger\msmsgs.exe[2320] WS2_32.dll!bind 71A94480 5 Bytes JMP 00070838
.text C:\Program Files\Messenger\msmsgs.exe[2320] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00070950
.text C:\Program Files\Messenger\msmsgs.exe[2320] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00070F54
.text C:\Program Files\Messenger\msmsgs.exe[2320] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00070FE0
.text C:\Program Files\Messenger\msmsgs.exe[2320] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00070D24
.text C:\Program Files\Messenger\msmsgs.exe[2320] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00070DB0
.text C:\Program Files\Messenger\msmsgs.exe[2320] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00070E3C
.text C:\Program Files\Messenger\msmsgs.exe[2320] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00070EC8
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\DAEMON Tools Lite\daemon.exe[2328] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] user32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] user32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] wininet.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] wininet.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] wininet.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] wininet.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] wininet.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] wininet.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Skype\Plugin Manager\skypePM.exe[2540] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\System32\alg.exe[2704] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\System32\alg.exe[2704] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\System32\alg.exe[2704] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\System32\alg.exe[2704] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\System32\alg.exe[2704] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\System32\alg.exe[2704] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe[3064] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\Explorer.EXE[3080] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#8 Příspěvek od The.Brain »

.text C:\WINDOWS\Explorer.EXE[3080] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\Explorer.EXE[3080] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\WINDOWS\Explorer.EXE[3080] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00080F54
.text C:\WINDOWS\Explorer.EXE[3080] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00080FE0
.text C:\WINDOWS\Explorer.EXE[3080] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00080D24
.text C:\WINDOWS\Explorer.EXE[3080] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00080DB0
.text C:\WINDOWS\Explorer.EXE[3080] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00080E3C
.text C:\WINDOWS\Explorer.EXE[3080] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00080EC8
.text C:\WINDOWS\Explorer.EXE[3080] WS2_32.dll!socket 71A94211 5 Bytes JMP 000808C4
.text C:\WINDOWS\Explorer.EXE[3080] WS2_32.dll!bind 71A94480 5 Bytes JMP 00080838
.text C:\WINDOWS\Explorer.EXE[3080] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00080950
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] KERNEL32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[3236] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Razer\Reclusa\razertra.exe[3276] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Skype\Phone\Skype.exe[3316] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Skype\Phone\Skype.exe[3316] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Skype\Phone\Skype.exe[3316] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Skype\Phone\Skype.exe[3316] wininet.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\Skype\Phone\Skype.exe[3316] wininet.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\Skype\Phone\Skype.exe[3316] wininet.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\Skype\Phone\Skype.exe[3316] wininet.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\Skype\Phone\Skype.exe[3316] wininet.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\Skype\Phone\Skype.exe[3316] wininet.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8
.text C:\Program Files\Skype\Phone\Skype.exe[3316] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Skype\Phone\Skype.exe[3316] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Skype\Phone\Skype.exe[3316] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\wuauclt.exe[3320] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\wuauclt.exe[3320] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 000807AC
.text C:\WINDOWS\system32\wuauclt.exe[3320] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00080720
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 001301A8
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00130090
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!WriteProcessMemory 7C802213 5 Bytes JMP 00130694
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 001302C0
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00130234
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00130004
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!VirtualAllocEx 7C809B12 5 Bytes JMP 0013011C
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 001304F0
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 0013057C
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 001303D8
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!CreateProcessInternalA 7C81D54E 5 Bytes JMP 0013034C
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00130464
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] kernel32.dll!SetThreadContext 7C863C09 5 Bytes JMP 00130608
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WS2_32.dll!socket 71A94211 5 Bytes JMP 001308C4
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WS2_32.dll!bind 71A94480 5 Bytes JMP 00130838
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WS2_32.dll!connect 71A94A07 5 Bytes JMP 00130950
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 001307AC
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00130720
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WININET.dll!InternetConnectA 40C1B0D2 5 Bytes JMP 00130F54
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WININET.dll!InternetConnectW 40C1C2C0 5 Bytes JMP 00130FE0
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WININET.dll!InternetOpenA 40C23081 5 Bytes JMP 00130D24
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WININET.dll!InternetOpenW 40C236B1 5 Bytes JMP 00130DB0
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WININET.dll!InternetOpenUrlA 40C26F5A 5 Bytes JMP 00130E3C
.text C:\Program Files\Mozilla Firefox\firefox.exe[4056] WININET.dll!InternetOpenUrlW 40C68439 5 Bytes JMP 00130EC8

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86B602D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7398C4C] spyb.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7398CA0] spyb.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7368040] spyb.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F736813C] spyb.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F73680BE] spyb.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F73687FC] spyb.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F73686D2] spyb.sys
IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 86A735E0
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlInitUnicodeString] EB000000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!swprintf] 28458B31
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeSetEvent] 000300C7
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 26EB0000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 0214BB83
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 8B000000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmFreeMappingAddress] 08742845
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 000C00C7
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 12EB0000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmUnmapIoSpace] 800C4D8A
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] D9F605E9
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IofCompleteRequest] E181C91B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 00000080
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IofCallDriver] 138B0889
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 0E7A8366
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 80067500
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoConnectInterrupt] 7400FE7D
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoDetachDevice] 00088106
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeWaitForSingleObject] 80000040
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeInitializeEvent] 7400FD7D
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeCancelTimer] 00088106
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 80000020
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlInitAnsiString] 7400FC7D
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 00088106
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoQueueWorkItem] 80000010
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmMapIoSpace] 75050C7D
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 00088106
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoReportDetectedDevice] 83000080
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0001B0BB
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 1D740000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!NlsMbCodePageTag] 8B2C4D8B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!PoRequestPowerIrp] 43C73455
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 00627C18
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 18438B00
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!sprintf] 895F0189
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] C68B5B1A
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ObfDereferenceObject] 5DE58B5E
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] ACBB80C3
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 00000001
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ZwClose] 4D8B1D74
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] 34558B2C
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 3E1843C7
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 8B000031
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 01891843
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoCreateDevice] 5B1A895F
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 8B5EC68B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 8BC35DE5
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 558B2C4D
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ZwOpenKey] 1843C734
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 0000189F
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoStartTimer] 8918438B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeInitializeTimer] 1A895F01
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoInitializeTimer] 5EC68B5B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeInitializeDpc] C35DE58B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeInitializeSpinLock] [F665A463] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoInitializeIrp] [F665A471] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ZwCreateKey] [F665A47C] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] [F665A487] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] [F665A492] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ZwSetValueKey] [F665A49D] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeInsertQueueDpc] [F665A4A8] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] [F665A4C9] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoStartPacket] [F665A4B3] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] [F665A4BE] \SystemRoot\System32\Drivers\a0p8llm2.SYS (IDE/ATAPI Port Driver/Microsoft Corporation)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoFreeMdl] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmUnlockPages] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 56EC8B55
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 5608758B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] FFF133E8
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 00F468FF
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeSynchronizeExecution] 868D0000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoStartNextPacket] 00001A8C
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeBugCheckEx] E850006A
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] FFFF872A
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeSetTimer] 0000F468
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!_allmul] 808E8D00
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmProbeAndLockPages] 6A00001B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!_except_handler3] 17E85100
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!PoSetPowerState] 33FFFF87
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 6B8689C0
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 89000002
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 00026F86
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!_aulldiv] 73868900
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!strstr] 89000002
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!_strupr] 00027786
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeQuerySystemTime] 7B868900
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 89000002
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!KeTickCount] 00027F86
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 83868900
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoDeleteDevice] 89000002
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 00028786
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoAllocateWorkItem] A0868B00
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoAllocateIrp] 83000001
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoAllocateMdl] C0851CC4
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] E8500974
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmLockPagableDataSection] FFFF7484
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 5604C483
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] FF747BE8
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!ExFreePoolWithTag] 04C483FF
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoFreeIrp] 5D5EC033
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!IoFreeWorkItem] CCCCCCC3
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!InitSafeBootMode] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!RtlCompareMemory] 8BEC8B55
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!PoCallDriver] 908B0845
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!memmove] 000000B8
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[ntoskrnl.exe!MmHighestUserAddress] 890C4D8B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!KfAcquireSpinLock] 00000600
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!READ_PORT_UCHAR] 8B73EB00
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!KeGetCurrentIrql] 00C72845
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!KfRaiseIrql] 0000000F
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!KfLowerIrql] 458B68EB
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!HalGetInterruptVector] [1000C728] \Program Files\DAEMON Tools Lite\daemon.dll (DAEMON Tools Lite control library/DT Soft Ltd.)
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!HalTranslateBusAddress] EB000000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!KeStallExecutionProcessor] 28458B5D
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!KfReleaseSpinLock] 001100C7
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 52EB0000
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!READ_PORT_USHORT] C728458B
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00001200
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[HAL.dll!WRITE_PORT_UCHAR] 8B47EB00
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[WMILIB.SYS!WmiSystemControl] 00000008
IAT \SystemRoot\System32\Drivers\a0p8llm2.SYS[WMILIB.SYS!WmiCompleteRequest] 458B3CEB
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [AA70AB06] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [AA70AB26] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [AA70AB60] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [AA70AB86] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [AA70AB60] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [AA70AB26] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [AA70AB06] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [AA70AB60] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [AA70AB86] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [AA70AB06] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [AA70AB26] \SystemRoot\system32\drivers\fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 86BCA1F8

AttachedDevice \FileSystem\Ntfs \Ntfs InCDrec.SYS (InCD File System Recognizer/Nero AG)

Device \FileSystem\Fastfat \FatCdrom 86906368

AttachedDevice \Driver\Tcpip \Device\Ip fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)

Device \Driver\usbohci \Device\USBPDO-0 86A72500
Device \Driver\dmio \Device\DmControl\DmIoDaemon 86B5E1F8
Device \Driver\dmio \Device\DmControl\DmConfig 86B5E1F8
Device \Driver\dmio \Device\DmControl\DmPnP 86B5E1F8
Device \Driver\dmio \Device\DmControl\DmInfo 86B5E1F8
Device \Driver\usbohci \Device\USBPDO-1 86A72500
Device \Driver\usbehci \Device\USBPDO-2 86A71500
Device \Driver\sptd \Device\2474316146 spyb.sys
Device \Driver\PCI_PNP1146 \Device\00000055 spyb.sys

AttachedDevice \Driver\Tcpip \Device\Tcp fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)

Device \Driver\NetBT \Device\NetBT_Tcpip_{CD12E1FD-A0B5-4CFD-A10A-1CA9376A9845} 8686A500
Device \Driver\prodrv06 \Device\ProDrv06 E1C7EC30
Device \Driver\Ftdisk \Device\HarddiskVolume1 86BCC1F8
Device \Driver\Cdrom \Device\CdRom0 869E1500
Device \Driver\Ftdisk \Device\HarddiskVolume2 86BCC1F8
Device \Driver\Cdrom \Device\CdRom1 869E1500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F72BBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F72BBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F72BBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F72BBB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\prohlp02 \Device\ProHlp02 E17E2368
Device \Driver\NetBT \Device\NetBt_Wins_Export 8686A500
Device \Driver\NetBT \Device\NetbiosSmb 8686A500

AttachedDevice \Driver\Tcpip \Device\Udp fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\RawIp fwdrv.sys (Sunbelt Personal Firewall FWDRV/Sunbelt Software)

Device \Driver\usbohci \Device\USBFDO-0 86A72500
Device \Driver\NetBT \Device\NetBT_Tcpip_{A9602BC1-1C48-4575-8BF2-22F2C84D4174} 8686A500
Device \Driver\usbohci \Device\USBFDO-1 86A72500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 864E7368
Device \Driver\usbehci \Device\USBFDO-2 86A71500
Device 864E7368
Device \Driver\Ftdisk \Device\FtControl 86BCC1F8
Device \Driver\a0p8llm2 \Device\Scsi\a0p8llm21Port2Path0Target0Lun0 869321F8
Device \Driver\a0p8llm2 \Device\Scsi\a0p8llm21 869321F8
Device 86906368
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device InCDFs.sys (InCD File System Driver/Nero AG)
Device \FileSystem\Cdfs \Cdfs 85F2C1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -1720999122
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 -798870319
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xD8 0x1F 0xED 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x07 0x6B 0x0D 0x8C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x96 0x28 0xAC 0x3A ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xD8 0x1F 0xED 0x2D ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x07 0x6B 0x0D 0x8C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x96 0x28 0xAC 0x3A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x47 0x14 0x99 0x0D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x2B 0xDD 0xB8 0x99 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x04 0x01 0xC5 0x2B ...
Reg HKLM\SOFTWARE\Classes\.application\bootstrap@ bootstrap.application.1

---- EOF - GMER 1.0.15 ----
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: Firefox načítá stránky nezvykle pomalu

#9 Příspěvek od earl »

:arrow: CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!

Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.

Budte prihlasen na pc s administratorskymi pravy.

stahnete a ulozte nejlepe na plochu ComboFix

v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.

hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:

Obrázek

pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120

Obrázek

odklepnout OK

Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet :!:

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#10 Příspěvek od The.Brain »

Ok, to vypadá na dýl, takže si tu dokončím nějakou práci, spustím přes noc a zítra se ozvu. Pro dnešek zatím díky :)
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: Firefox načítá stránky nezvykle pomalu

#11 Příspěvek od earl »

NZ,zitra to dokoncime.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#12 Příspěvek od The.Brain »

ComboFix 10-02-27.04 - Tomáš Křivánek 28.02.2010 1:12.8.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.492 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomáš Křivánek\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: Sunbelt Personal Firewall *disabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db
c:\windows\system32\VB6KO.DLL

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-28 do 2010-02-28 )))))))))))))))))))))))))))))))
.

2010-02-26 09:52 . 2010-02-26 09:52 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-02-26 09:52 . 2010-02-26 09:52 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-02-14 11:25 . 2010-02-14 11:25 -------- d-----w- c:\program files\Common Files\Skype
2010-02-14 11:24 . 2010-02-14 11:25 -------- d-----r- c:\program files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-27 20:03 . 2008-07-12 10:31 -------- d-----w- c:\program files\lg_fwupdate
2010-02-27 14:53 . 2008-11-01 22:15 1550 ----a-w- c:\windows\system32\drivers\fwdrv.err
2010-02-27 14:53 . 2005-12-08 19:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-27 14:44 . 2009-07-31 17:18 -------- d-----w- c:\program files\CCleaner
2010-02-27 14:03 . 2009-07-27 10:16 -------- d-----w- c:\program files\trend micro
2010-02-24 08:16 . 2009-10-01 00:34 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-17 20:30 . 2009-03-18 00:12 -------- d-----w- c:\program files\ICQ6.5
2010-02-15 04:30 . 2007-11-19 19:03 -------- d-----w- c:\program files\DOSBox-0.72
2010-02-07 08:34 . 2002-09-23 12:00 90180 ----a-w- c:\windows\system32\perfc005.dat
2010-02-07 08:34 . 2002-09-23 12:00 460402 ----a-w- c:\windows\system32\perfh005.dat
2010-02-04 14:56 . 2003-12-19 06:57 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-21 19:56 . 2009-06-05 22:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-05 09:58 . 2004-01-16 05:56 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2001-10-25 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2001-10-25 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2004-08-05 13:53 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2001-10-25 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2001-10-25 12:00 2191360 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2001-10-24 11:46 2068224 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2001-10-25 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2004-03-11 11:27 . 2005-03-29 01:41 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2008-09-14 22:40 . 2008-09-14 22:40 61440 ----a-w- c:\program files\mozilla firefox\components\gemgecko.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-17 490952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-12-08 26694952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 335872]
"SMSERIAL"="sm56hlpr.exe" [2000-11-22 462848]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-10-05 866584]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Reclusa"="c:\program files\Razer\Reclusa\razerhid.exe" [2007-03-07 167936]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-07-12 249856]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"TV Card Remote Control Device Monitor"="c:\windows\713xRMTMon.exe" [2005-07-20 352256]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Games\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15002:TCP"= 15002:TCP:BitComet 15002 TCP
"15002:UDP"= 15002:UDP:BitComet 15002 UDP

R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 10:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 10:21 72624]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [18.3.2009 1:15 222456]
R2 PPCLASS;PPCLASS;c:\windows\system32\drivers\ppclass.sys [13.4.2004 19:05 85868]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26.4.2007 10:21 1234480]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [5.10.2006 22:11 13592]
R3 RecFltr;Reclusa Keyboard;c:\windows\system32\drivers\RecFltr.sys [28.11.2007 19:27 41984]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.11.2006 12:52 717296]
S1 aswSP;avast! Self Protection; [x]
S2 713xTVCard;SAA7134 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 12:00 279552]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 PPSCAN;PPSCAN;c:\windows\system32\drivers\ppscan.sys [13.4.2004 19:05 115136]
S2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [18.1.2009 0:18 25984]
S3 cirrus;cirrus;c:\windows\system32\drivers\cirrus.sys [12.11.2005 19:22 45696]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-07-02 15:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = proxy.karneval.cz:3128
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\www
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomáš Křivánek\Data aplikací\Mozilla\Firefox\Profiles\vwsflc58.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 01:22
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TV Card Remote Control Device Monitor = c:\windows\713xRMTMon.exe???????????????T?a?0D;?m?a?????????????????????????????????x?;?????????????????????????????????x?;?????8D;?????????T?a?x?;?m?a????????????????|?D;?????????????????????????????????????????????????????x?;?????T?a?h?o?m?a???????????A????

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-117609710-1770027372-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:72,39,3f,2a,a0,07,8c,49,44,36,a8,11,2b,d7,8b,b6,f0,f4,ba,59,60,94,4c,
e8,43,4a,56,2b,c5,da,c6,04,21,79,73,4e,59,8b,81,a1,8e,e8,1b,81,6b,11,f8,0d,\
"??"=hex:5b,38,f5,31,d3,d9,38,36,97,56,a2,92,fa,09,3b,f9

[HKEY_LOCAL_MACHINE\software\Classes\.application\bootstrap]
@DACL=(02 0000)
@="bootstrap.application.1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1120)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-28 01:27:45
ComboFix-quarantined-files.txt 2010-02-28 00:27

Před spuštěním: 5 076 242 432
Po spuštění: 5 056 507 904

- - End Of File - - E314B4E32CD4020FA5B9A5A808BE962A
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: Firefox načítá stránky nezvykle pomalu

#13 Příspěvek od earl »

:arrow: pokud jste tak jeste neucinil(a), presunte Combofix na plochu

otevrete si Poznamkovy blok

do nej zkopirujte skript z nasledujiciho okna:

Kód: Vybrat vše

KillAll::
Folder::
c:\program files\TeaTimer (Spybot - Search & Destroy)
c:\program files\File Scanner Library (Spybot - Search & Destroy)
c:\program files\Spybot - Search & Destroy
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\.application\bootstrap]
Registry::
[-HKEY_LOCAL_MACHINE\software\Classes\.application\bootstrap]
ulozte vami vytvoreny textovy soubor jako CFScript.txt na plochu

po ulozeni uchopte vami vytvoreny skript levym tlacitkem mysi a presunte jej nad ikonu Combofixu, nad niz skript upustte:

Obrázek

po aplikaci by na vas mel vyskocit dalsi log, vlozte jej sem

Upozorneni: je mozne, ze po aplikaci skriptu a restartu nenabehnou Windows, v takovem pripade znovu restartujte, po restartu mackejte F8 a zvolte Posledni znamou funkcni konfiguraci
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
The.Brain
Návštěvník
Návštěvník
Příspěvky: 96
Registrován: 27 črc 2009 11:03

Re: Firefox načítá stránky nezvykle pomalu

#14 Příspěvek od The.Brain »

ComboFix 10-02-27.04 - Tomáš Křivánek 28.02.2010 11:41:46.9.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.397 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tomáš Křivánek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tomáš Křivánek\Plocha\CFScript.txt
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: Sunbelt Personal Firewall *enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\File Scanner Library (Spybot - Search & Destroy)
c:\program files\File Scanner Library (Spybot - Search & Destroy)\advcheck.dll
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\Help\Cesky.Resident.chm
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\TeaTimer (Spybot - Search & Destroy)
c:\program files\TeaTimer (Spybot - Search & Destroy)\FJWFIQGUUPOJKCVJ.scr
c:\program files\TeaTimer (Spybot - Search & Destroy)\TeaTimer.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-28 do 2010-02-28 )))))))))))))))))))))))))))))))
.

2010-02-14 11:25 . 2010-02-14 11:25 -------- d-----w- c:\program files\Common Files\Skype
2010-02-14 11:24 . 2010-02-14 11:25 -------- d-----r- c:\program files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 11:26 . 2008-07-12 10:31 -------- d-----w- c:\program files\lg_fwupdate
2010-02-27 14:53 . 2008-11-01 22:15 1550 ----a-w- c:\windows\system32\drivers\fwdrv.err
2010-02-27 14:44 . 2009-07-31 17:18 -------- d-----w- c:\program files\CCleaner
2010-02-27 14:03 . 2009-07-27 10:16 -------- d-----w- c:\program files\trend micro
2010-02-24 08:16 . 2009-10-01 00:34 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-17 20:30 . 2009-03-18 00:12 -------- d-----w- c:\program files\ICQ6.5
2010-02-15 04:30 . 2007-11-19 19:03 -------- d-----w- c:\program files\DOSBox-0.72
2010-02-07 08:34 . 2002-09-23 12:00 90180 ----a-w- c:\windows\system32\perfc005.dat
2010-02-07 08:34 . 2002-09-23 12:00 460402 ----a-w- c:\windows\system32\perfh005.dat
2010-02-04 14:56 . 2003-12-19 06:57 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-21 19:56 . 2009-06-05 22:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-05 09:58 . 2004-01-16 05:56 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2001-10-25 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2001-10-25 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2004-08-05 13:53 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2001-10-25 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2001-10-25 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2001-10-24 11:46 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2001-10-25 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2004-03-11 11:27 . 2005-03-29 01:41 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2008-09-14 22:40 . 2008-09-14 22:40 61440 ----a-w- c:\program files\mozilla firefox\components\gemgecko.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-17 490952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-12-08 26694952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 335872]
"SMSERIAL"="sm56hlpr.exe" [2000-11-22 462848]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-10-05 866584]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Reclusa"="c:\program files\Razer\Reclusa\razerhid.exe" [2007-03-07 167936]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-07-12 249856]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"TV Card Remote Control Device Monitor"="c:\windows\713xRMTMon.exe" [2005-07-20 352256]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Games\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15002:TCP"= 15002:TCP:BitComet 15002 TCP
"15002:UDP"= 15002:UDP:BitComet 15002 UDP

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.11.2006 12:52 717296]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 10:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 10:21 72624]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [18.3.2009 1:15 222456]
R2 PPCLASS;PPCLASS;c:\windows\system32\drivers\ppclass.sys [13.4.2004 19:05 85868]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26.4.2007 10:21 1234480]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [5.10.2006 22:11 13592]
R3 RecFltr;Reclusa Keyboard;c:\windows\system32\drivers\RecFltr.sys [28.11.2007 19:27 41984]
S1 aswSP;avast! Self Protection; [x]
S2 713xTVCard;SAA7134 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 12:00 279552]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 PPSCAN;PPSCAN;c:\windows\system32\drivers\ppscan.sys [13.4.2004 19:05 115136]
S2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [18.1.2009 0:18 25984]
S3 cirrus;cirrus;c:\windows\system32\drivers\cirrus.sys [12.11.2005 19:22 45696]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-07-02 15:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = proxy.karneval.cz:3128
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\www
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tomáš Křivánek\Data aplikací\Mozilla\Firefox\Profiles\vwsflc58.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 12:24
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TV Card Remote Control Device Monitor = c:\windows\713xRMTMon.exe???????????????T?a?0D;?m?a?????????????????????????????????x?;?????????????????????????????????x?;?????8D;?????????T?a?x?;?m?a????????????????|?D;?????????????????????????????????????????????????????x?;?????T?a?h?o?m?a???????????A????

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spyt.sys >>UNKNOWN [0x86B7E938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf7326cb8
\Driver\atapi -> atapi.sys @ 0xf72bbb40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-117609710-1770027372-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:72,39,3f,2a,a0,07,8c,49,44,36,a8,11,2b,d7,8b,b6,f0,f4,ba,59,60,94,4c,
e8,43,4a,56,2b,c5,da,c6,04,21,79,73,4e,59,8b,81,a1,8e,e8,1b,81,6b,11,f8,0d,\
"??"=hex:5b,38,f5,31,d3,d9,38,36,97,56,a2,92,fa,09,3b,f9
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1144)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3940)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\UAService7.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Razer\Reclusa\razertra.exe
c:\program files\Microsoft IntelliPoint\dpupdchk.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Celkový čas: 2010-02-28 12:37:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-28 11:36
ComboFix2.txt 2010-02-28 00:27

Před spuštěním: 5 540 085 760
Po spuštění: 5 502 435 328

- - End Of File - - 83E03CDA6863A5994DFEE85C6B68744F
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: Firefox načítá stránky nezvykle pomalu

#15 Příspěvek od earl »

Jak se chova pc nyni?
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“