Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Viskakuju mi web stranky:(
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Viskakuju mi web stranky:(
Vihodilo mi mbr.log a je taky isty aky som uz pisal v predposlednej sprave
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Viskakuju mi web stranky:(
Ano vsetko som zrobil ako si pisal tie stranky mi us neviskakuju je este potrebny tento krok robit
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Viskakuju mi web stranky:(
spustil som ten gmer co dalej
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Viskakuju mi web stranky:(
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-26 08:08:14
Windows 6.1.7600
Running: 1kpxulyj.exe; Driver: C:\Users\Ivan\AppData\Local\Temp\pxldypoc.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Rootkit quick scan 2010-04-26 08:08:14
Windows 6.1.7600
Running: 1kpxulyj.exe; Driver: C:\Users\Ivan\AppData\Local\Temp\pxldypoc.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Re: Viskakuju mi web stranky:(
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-26 08:19:44
Windows 6.1.7600
Running: 1kpxulyj.exe; Driver: C:\Users\Ivan\AppData\Local\Temp\pxldypoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x81C3AFEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [81C3AFEC] ZwCreateKey [0x81C3AFEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x81C3AFF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [81C3AFF1] ZwOpenKey [0x81C3AFF1]
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 81C3AFFB
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1DAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C05634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C05898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1DF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1E1A8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 81C7D5C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81CA2052 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 338 81CA9938 3 Bytes [EC, AF, C3] {IN AL, DX ; SCASD ; RET }
.text ntkrnlpa.exe!RtlSidHashLookup + 4F8 81CA9AF8 3 Bytes [F1, AF, C3] {INT1 ; SCASD ; RET }
.text C:\Windows\system32\drivers\aksfridge.sys section is writeable [0xA0E2D000, 0x47E35, 0xE0000020]
.init C:\Windows\system32\drivers\aksfridge.sys entry point in ".init" section [0xA0E81224]
.init C:\Windows\system32\drivers\aksfridge.sys unknown last code section [0xA0E81000, 0x4000, 0xE20000E0]
.text peauth.sys A0E95C9E 27 Bytes [3A, FA, FD, BA, 61, 2C, 72, ...]
.text peauth.sys A0E95CC2 27 Bytes [3A, FA, FD, BA, 61, 2C, 72, ...]
PAGE peauth.sys A0E9BB9C 71 Bytes [7A, 02, 5E, E0, 03, 5E, 0C, ...]
PAGE peauth.sys A0E9BBED 110 Bytes [C9, 29, 0B, 17, A0, B2, C7, ...]
PAGE peauth.sys A0E9BE21 100 Bytes [82, 7F, DD, B7, 5C, 3C, A7, ...]
PAGE ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[5640] ntdll.dll!LdrLoadDll 770BF585 5 Bytes JMP 013713F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73942494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73925624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [739256E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7394250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73938573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73934D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [739350CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [739351A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [739366D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [739382CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73938819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7393907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7393E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73934C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004f halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Disk \Device\Harddisk0\DR0 aksfridge.sys
Device \Driver\Disk \Device\Harddisk1\DR1 aksfridge.sys
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00081b076547
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00081b076547@002109e057ea 0xE8 0x2A 0xB4 0x4C ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00081b076547 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00081b076547@002109e057ea 0xE8 0x2A 0xB4 0x4C ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CBB9D08C-A323-36BA-4145-FD54E6983B9F}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CBB9D08C-A323-36BA-4145-FD54E6983B9F}@majcfkfcbcnbfpopfkjfkepkfp 0x6A 0x61 0x6C 0x65 ...
---- EOF - GMER 1.0.15 ----
Rootkit scan 2010-04-26 08:19:44
Windows 6.1.7600
Running: 1kpxulyj.exe; Driver: C:\Users\Ivan\AppData\Local\Temp\pxldypoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x81C3AFEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [81C3AFEC] ZwCreateKey [0x81C3AFEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x81C3AFF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [81C3AFF1] ZwOpenKey [0x81C3AFF1]
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 81C3AFFB
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1DAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C05634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C05898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1D6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1DF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C1E1A8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 81C7D5C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81CA2052 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 338 81CA9938 3 Bytes [EC, AF, C3] {IN AL, DX ; SCASD ; RET }
.text ntkrnlpa.exe!RtlSidHashLookup + 4F8 81CA9AF8 3 Bytes [F1, AF, C3] {INT1 ; SCASD ; RET }
.text C:\Windows\system32\drivers\aksfridge.sys section is writeable [0xA0E2D000, 0x47E35, 0xE0000020]
.init C:\Windows\system32\drivers\aksfridge.sys entry point in ".init" section [0xA0E81224]
.init C:\Windows\system32\drivers\aksfridge.sys unknown last code section [0xA0E81000, 0x4000, 0xE20000E0]
.text peauth.sys A0E95C9E 27 Bytes [3A, FA, FD, BA, 61, 2C, 72, ...]
.text peauth.sys A0E95CC2 27 Bytes [3A, FA, FD, BA, 61, 2C, 72, ...]
PAGE peauth.sys A0E9BB9C 71 Bytes [7A, 02, 5E, E0, 03, 5E, 0C, ...]
PAGE peauth.sys A0E9BBED 110 Bytes [C9, 29, 0B, 17, A0, B2, C7, ...]
PAGE peauth.sys A0E9BE21 100 Bytes [82, 7F, DD, B7, 5C, 3C, A7, ...]
PAGE ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[5640] ntdll.dll!LdrLoadDll 770BF585 5 Bytes JMP 013713F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73942494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73925624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [739256E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7394250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73938573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73934D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [739350CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [739351A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [739366D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [739382CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73938819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7393907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7393E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73934C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[1824] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004f halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Disk \Device\Harddisk0\DR0 aksfridge.sys
Device \Driver\Disk \Device\Harddisk1\DR1 aksfridge.sys
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00081b076547
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00081b076547@002109e057ea 0xE8 0x2A 0xB4 0x4C ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00081b076547 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00081b076547@002109e057ea 0xE8 0x2A 0xB4 0x4C ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CBB9D08C-A323-36BA-4145-FD54E6983B9F}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CBB9D08C-A323-36BA-4145-FD54E6983B9F}@majcfkfcbcnbfpopfkjfkepkfp 0x6A 0x61 0x6C 0x65 ...
---- EOF - GMER 1.0.15 ----
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Viskakuju mi web stranky:(
Teraz je ok diky moc
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Přispějete na provoz fóra?