Jump to content

faq

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I need help with my files, please. For some reason Gmer is the only one that detects intrusion, everything else (including detection program) is passing by unharmed unless it is linked to a ''pup''. Running a copy legit of windows 8, I download a bit here and there but I'm not a heavy surfer. I don't want to reformat, are there any solutions? I tried even Trojan remover and unhack me nothing works to remove the problems (which I guess are rootkits, worms and trojans) Thanks in advance GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-10-28 10:54:38 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000039 WDC_WD7500BPVX-22JC3T0 rev.01.01A01 698.64GB Running: gmer.exe; Driver: C:\Temp\uxtiqpog.sys ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [596:624] fffff960008ad5e8 Thread C:\Windows\system32\svchost.exe [900:3860] 000007fde01410f0 Thread C:\Windows\system32\svchost.exe [900:5388] 000007fde4555c38 Thread C:\Windows\System32\spoolsv.exe [1536:4736] 000007fde66e54c0 Thread C:\Windows\System32\spoolsv.exe [1536:4740] 000007fde66c30ec Thread C:\Windows\System32\spoolsv.exe [1536:4768] 000007fdde2b5798 Thread C:\Windows\System32\spoolsv.exe [1536:4776] 000007fdde2fd29c Thread C:\Windows\system32\svchost.exe [2728:2832] 000007fde66e54c0 Thread C:\Windows\system32\svchost.exe [2728:472] 000007fde66c30ec ---- EOF - GMER 2.1 ---- GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-10-29 08:29:39 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000038 WDC_WD7500BPVX-22JC3T0 rev.01.01A01 698.64GB Running: healer.exe; Driver: C:\Temp\uxtiqpog.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000132b00 1 byte [00] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 2 fffff96000132b02 5 bytes [7E, 01, 00, 58, F2] ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\atiesrxx.exe[496] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\atiesrxx.exe[496] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\dwm.exe[844] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\dwm.exe[844] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\dwm.exe[844] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\atieclxx.exe[1164] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\atieclxx.exe[1164] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-10-29 08:44:28 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000038 WDC_WD7500BPVX-22JC3T0 rev.01.01A01 698,64GB Running: healer.exe; Driver: C:\Temp\uxtiqpog.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000132b00 1 byte [00] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 2 fffff96000132b02 5 bytes [7E, 01, 00, 58, F2] ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\atiesrxx.exe[496] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\atiesrxx.exe[496] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\dwm.exe[844] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\dwm.exe[844] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\dwm.exe[844] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\atieclxx.exe[1164] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\atieclxx.exe[1164] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE[1076] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE[1076] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\wbem\wmiprvse.exe[4012] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\System32\svchost.exe[4260] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\svchost.exe[4448] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\wbem\unsecapp.exe[4612] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\SearchIndexer.exe[5832] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskhostex.exe[4172] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDCtrl.exe[4344] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDTouch.exe[5932] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\Explorer.EXE[5944] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\Explorer.EXE[5944] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\Explorer.EXE[5944] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Elantech\ETDCtrlHelper.exe[5144] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\SysWOW64\trmhost.exe[4904] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe[3724] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1376] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE[2332] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f8c20e177a 4 bytes [0E, C2, F8, 07] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[6336] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f8c20e1782 4 bytes [0E, C2, F8, 07] .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\wbem\unsecapp.exe[6456] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\System32\RuntimeBroker.exe[1616] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskhost.exe[11996] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8c42f2de0 5 bytes JMP 000007f9b69c1d00 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8c42f2f00 5 bytes JMP 000007f9b69c1810 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent 000007f8c42f2fe0 5 bytes JMP 000007f9b69c2090 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant 000007f8c42f35c1 5 bytes JMP 000007f9b69c20f0 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore 000007f8c42f3651 5 bytes JMP 000007f9b69c2150 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\system32\KERNELBASE.dll!ResumeThread 000007f8c1566560 5 bytes JMP 000007f9b69c1f50 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\system32\KERNELBASE.dll!CreateProcessInternalW 000007f8c156b970 5 bytes JMP 000007f9b69c19c0 .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8bcff1532 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8bcff153a 4 bytes [FF, BC, F8, 07] .text C:\Windows\system32\taskeng.exe[13728] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8bcff165a 4 bytes [FF, BC, F8, 07] ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [648:672] fffff9600099e5e8 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ----
  2. and just for the record, I'm not going on adult websites and the only time Io do financial transactions is with paypal. Definintely not the type of person who will enter his credit card information on a site that will make me a sitting duck after. I don't even go and watch free content from overseas and I'm not some elder age citizen with a loaded wallet visiting places of ill repute. So I'm definitely thinking this has to do with spying because the surrounding businesses are obviously competing with this one, the connection is almost public, the password probably hasn't been changed and many people from throughout the world use it for their personal needs. Thought I'd tell. Now please and thank you, have a nice day and I appreciate any suggestions. 10-4
  3. This could be a serious issue, I'm not a super rich person but I'm making more than my coworkers who could be jealous/thinking of seeding my computer I tried deleting my actual user in windows 8 but it didn'T work, the other new user only had guest features even if I gave it full administrator. I also have a partitioned hard drive I was planning on installing linux but never did. Could malicious programs use this (dead) memory space, my processor, and my RAM to infect with bot nets? I have a clean ''task manager'' and other interfaces are ok too. I am in America now but travelled in Asia once with that computer in the past and I brought another one too. But I'm back and there are no reasons that this should happen unless someone is actively trying to jack in my files. I never noticed any stolen information but those added spices are making my computer time unliveable. Thank you.
  4. Good morning/evening I've read many posts here and elsewhere, installed the required/suggested programs and finally thought it would be wise to add my problem to the pile :s It's been a while since the computer is kind of slow, I installed all the updates, windows, java, flash, the malware byte rootkit remover and malware remover, super anti spyware, changed comodo for zone alaram, and now I'm having spyware cease/Avg /adva canced system care, GMER (so far the only one that actually recognizes something and allows me to kill process but they pop randomly) and I know what false positives are, etc,registry cleaners... ...the thing is, all of a sudden Korean and Mandarin characters are popping in GMEr and I've never seen them before. It's brutally annoying, I work for a japanese-owned company and wonder if it's not industrial spying. I'm in North America, with lots of co workers from Asia and this could also be a possibility. It's very frustrating as I did all the search for the corrupt csrss.exe file and obviously won't find it. I'd join screen shots so you can see, some repeating threads but mostly program jacking. I also used panda cloud scanner/rogue killer/ kapersky/eset all to no avail/real result it seems they only look for english characters and they did remove a few PUP and adware but nothing serious. I Tried moving everything to another user (that I just created) and before I report this to my employer as a serious issue I'd like to have some Idea ( are there apps I can use to track the origin of the sender so I can show those smart asses a lesson? This has been burning lots of time I'M working as you all are I suppose and a part time student as well. *update:I've been working with computers for a while so don'T worry and suggest me a straight up solution. The regedit won'T detect the csrss.exe file but the virus keeps emulating it along with .32 processes. I also noticed that gmer mentions a windows without capital w but the other times it has it.Ask for the logs if you'd like but they show nothing. 0, zilch, nada. I guess I could try to ''search for the chinese character meaning'' if it can bebackdoor stuff.txtproblemz.txtRkill.txtshiiiiiiiiit.txt tracked from the photo. I've only seen those kinds of post a few times and I don't mean to be racist but I studied in cyber criminology and was told asian script kiddies&seasonal criminals are fond of unweary american cyber surfer's funds. Thanks in advance!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.