1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved google redirect virus for vista

Discussion in 'Malware and Virus Removal Archive' started by ebsgirl, 2011/01/01.

Page 1 of 4
  1. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    [Resolved] google redirect virus for vista

    HI...I have a virus that is redirecting my google links to random pages...I have ran MBAM and multiple other programs (tdsskiller, eset online, GMER), and still can't seem to get this off...Ive had the virus before a few months back and thought I had removed it ( along with about 100 other viruses), but its back and need help removing it before my system gets as bad as it was before (locked out of all security, constant crashing, etc)...any advice I would greatly appreciate..thanks so much
     
    ebsgirl,
    #1
  2. 2011/01/01
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Welcome to WindowsBBS :)

    Please read this as indicated at the head of the forum and post the logs requested in this thread.
     
    PeteC,
    #2


  3. to hide this advert.

  4. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    sorry...my computer started crashing and i wanted to get something up while i could...i got the logs as requested...i appreciate your help


    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 5438

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18999

    1/1/2011 1:55:31 PM
    mbam-log-2011-01-01 (13-55-31).txt

    Scan type: Quick scan
    Objects scanned: 150529
    Time elapsed: 7 minute(s), 9 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 4
    Registry Values Infected: 1
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{e312764e-7706-43f1-8dab-fcdd2b1e416d} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (PUP.Dealio) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e312764e-7706-43f1-8dab-fcdd2b1e416d} (PUP.Dealio) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\mscjmquick (Trojan.Agent) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b1c57204-5091-4c47-8eed-2fa742eaa100}\NameServer (Trojan.DNSChanger) -> Data: 77.78.240.21,8.8.8.8 -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)





    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows Vista Home Premium Edition
    Windows Information: Service Pack 2 (build 6002), 32-bit
    Base Board Manufacturer: ECS
    BIOS Manufacturer: Phoenix Technologies, LTD
    System Manufacturer: Compaq-Presario
    System Product Name: NC696AA-ABA SR5710Y
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 143):
    0x82406000 \SystemRoot\system32\ntkrnlpa.exe
    0x827BF000 \SystemRoot\system32\hal.dll
    0x86FCF000 \SystemRoot\system32\kdcom.dll
    0x80606000 \SystemRoot\system32\PSHED.dll
    0x80617000 \SystemRoot\system32\BOOTVID.dll
    0x8061F000 \SystemRoot\system32\CLFS.SYS
    0x80660000 \SystemRoot\system32\CI.dll
    0x80740000 \SystemRoot\System32\drivers\fsfvc.sys
    0x8074E000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x807CA000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x82A0F000 \SystemRoot\system32\drivers\acpi.sys
    0x82A55000 \SystemRoot\system32\drivers\WMILIB.SYS
    0x82A5E000 \SystemRoot\system32\drivers\msisadrv.sys
    0x82A66000 \SystemRoot\system32\drivers\pci.sys
    0x82A8D000 \SystemRoot\System32\drivers\partmgr.sys
    0x82A9C000 \SystemRoot\system32\drivers\volmgr.sys
    0x82AAB000 \SystemRoot\System32\drivers\volmgrx.sys
    0x82AF5000 \SystemRoot\system32\drivers\pciide.sys
    0x82AFC000 \SystemRoot\system32\drivers\PCIIDEX.SYS
    0x82B0A000 \SystemRoot\System32\drivers\mountmgr.sys
    0x82B1A000 \SystemRoot\system32\drivers\nvraid.sys
    0x82B35000 \SystemRoot\system32\drivers\CLASSPNP.SYS
    0x82B56000 \SystemRoot\system32\drivers\atapi.sys
    0x82B5E000 \SystemRoot\system32\drivers\ataport.SYS
    0x82B7C000 \SystemRoot\system32\DRIVERS\nvstor32.sys
    0x82BA1000 \SystemRoot\system32\DRIVERS\storport.sys
    0x82C06000 \SystemRoot\system32\drivers\fltmgr.sys
    0x82C38000 \SystemRoot\system32\drivers\fileinfo.sys
    0x82C48000 \SystemRoot\System32\Drivers\PxHelp20.sys
    0x82C51000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x82CC2000 \SystemRoot\system32\drivers\ndis.sys
    0x82DCD000 \SystemRoot\system32\drivers\msrpc.sys
    0x82E07000 \SystemRoot\system32\drivers\NETIO.SYS
    0x82E42000 \SystemRoot\System32\drivers\tcpip.sys
    0x82F2C000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8A40F000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x8A51F000 \SystemRoot\system32\drivers\volsnap.sys
    0x8A558000 \SystemRoot\System32\Drivers\spldr.sys
    0x8A560000 \SystemRoot\System32\Drivers\mup.sys
    0x8A56F000 \SystemRoot\System32\drivers\ecache.sys
    0x8A596000 \SystemRoot\system32\drivers\disk.sys
    0x8A5A7000 \SystemRoot\system32\drivers\crcdisk.sys
    0x8A5EC000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x8A5F7000 \SystemRoot\system32\DRIVERS\tunmp.sys
    0x82F47000 \SystemRoot\system32\DRIVERS\amdk8.sys
    0x82F57000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x8A400000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x82F6A000 \SystemRoot\system32\DRIVERS\usbohci.sys
    0x82F74000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x82FB2000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x8E80F000 \SystemRoot\system32\DRIVERS\HSXHWBS2.sys
    0x8E85B000 \SystemRoot\system32\DRIVERS\ks.sys
    0x8E885000 \SystemRoot\system32\DRIVERS\HSX_DP.sys
    0x8F004000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
    0x8F0B9000 \SystemRoot\system32\drivers\modem.sys
    0x8F0C6000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x8F307000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x8F31F000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x8F40E000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    0x8FDAB000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
    0x8F324000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x8FDAD000 \SystemRoot\System32\drivers\watchdog.sys
    0x8FDB9000 \SystemRoot\system32\DRIVERS\msiscsi.sys
    0x8FDE8000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x8F3C5000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x8FDF3000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x8F3DC000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x8F153000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8F162000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8F176000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x8F18B000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x8F400000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x8F40B000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x8F19B000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x8F1A5000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x8F1B2000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x8F1E7000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x8FE0E000 \SystemRoot\system32\drivers\RTKVHDA.sys
    0x90045000 \SystemRoot\system32\drivers\portcls.sys
    0x90072000 \SystemRoot\system32\drivers\drmk.sys
    0x90097000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0x900A0000 \SystemRoot\System32\Drivers\Null.SYS
    0x900A7000 \SystemRoot\System32\Drivers\Beep.SYS
    0x900B7000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x900BE000 \SystemRoot\System32\drivers\vga.sys
    0x900CA000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x900EB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x900F3000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x900FB000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x90106000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x90114000 \SystemRoot\System32\DRIVERS\rasacd.sys
    0x9011D000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x90133000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0x9013D000 \SystemRoot\system32\DRIVERS\smb.sys
    0x90151000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x90183000 \SystemRoot\system32\drivers\afd.sys
    0x901CB000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0x901D0000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x901E6000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x8E987000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x8E99A000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x901F4000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x8E9D6000 \SystemRoot\System32\Drivers\dfsc.sys
    0x9020F000 \SystemRoot\System32\Drivers\aswSP.SYS
    0x90256000 \SystemRoot\system32\DRIVERS\KMWDFILTER.sys
    0x9025F000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x90268000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x90278000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x9027A000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x90282000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x9028F000 \SystemRoot\System32\Drivers\dump_diskdump.sys
    0x90299000 \SystemRoot\System32\Drivers\dump_nvstor32.sys
    0x93CA0000 \SystemRoot\System32\win32k.sys
    0x902BE000 \SystemRoot\System32\drivers\Dxapi.sys
    0x902C8000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x93EC0000 \SystemRoot\System32\TSDDD.dll
    0x93EE0000 \SystemRoot\System32\cdd.dll
    0x93EF0000 \SystemRoot\System32\ATMFD.DLL
    0x902D7000 \SystemRoot\system32\drivers\luafv.sys
    0x902F2000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
    0x90329000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
    0x9032C000 \SystemRoot\system32\drivers\spsys.sys
    0x903DC000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x903EC000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0xA5E0D000 \SystemRoot\system32\drivers\HTTP.sys
    0xA5E7A000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0xA5E97000 \SystemRoot\system32\DRIVERS\bowser.sys
    0xA5EB0000 \SystemRoot\System32\drivers\mpsdrv.sys
    0xA5EC5000 \SystemRoot\system32\drivers\mrxdav.sys
    0xA5EE6000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xA5F05000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0xA5F3E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0xA5F56000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xA5F7E000 \SystemRoot\System32\DRIVERS\srv.sys
    0xA5FCC000 \SystemRoot\system32\DRIVERS\cdfs.sys
    0xA5FE2000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
    0xAA007000 \SystemRoot\system32\drivers\peauth.sys
    0xAA0E5000 \SystemRoot\System32\Drivers\secdrv.SYS
    0xAA0EF000 \SystemRoot\System32\drivers\tcpipreg.sys
    0xAA0FB000 \SystemRoot\system32\DRIVERS\xaudio.sys
    0xAA103000 \??\C:\Users\Owner\AppData\Local\Temp\pwlcapow.sys
    0x8F200000 \SystemRoot\system32\DRIVERS\nvmfdx32.sys
    0x76F10000 \Windows\System32\ntdll.dll

    Processes (total 67):
    0 System Idle Process
    4 System
    452 C:\Windows\System32\smss.exe
    528 csrss.exe
    580 C:\Windows\System32\wininit.exe
    588 csrss.exe
    624 C:\Windows\System32\services.exe
    640 C:\Windows\System32\lsass.exe
    648 C:\Windows\System32\lsm.exe
    672 C:\Windows\System32\winlogon.exe
    832 C:\Windows\System32\svchost.exe
    888 C:\Windows\System32\nvvsvc.exe
    916 C:\Windows\System32\svchost.exe
    968 C:\Windows\System32\svchost.exe
    1040 C:\Windows\System32\svchost.exe
    1120 C:\Windows\System32\svchost.exe
    1272 C:\Windows\System32\audiodg.exe
    1304 C:\Windows\System32\svchost.exe
    1328 C:\Windows\System32\SLsvc.exe
    1372 C:\Windows\System32\svchost.exe
    1424 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    1436 C:\Windows\System32\nvvsvc.exe
    1660 C:\Windows\System32\svchost.exe
    1904 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    1920 C:\Windows\System32\dwm.exe
    1968 C:\Windows\explorer.exe
    1652 C:\Windows\System32\spoolsv.exe
    384 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    1608 C:\Windows\System32\svchost.exe
    2132 C:\Program Files\iTunes\iTunesHelper.exe
    2140 C:\hp\support\hpsysdrv.exe
    2156 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    2328 C:\Program Files\Carbonite\CarbonitePreinstaller.exe
    2388 C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    2424 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    2440 C:\Windows\ehome\ehtray.exe
    2460 C:\Program Files\Windows Sidebar\sidebar.exe
    2540 C:\Windows\ehome\ehmsas.exe
    2824 C:\Windows\System32\svchost.exe
    2856 C:\Windows\System32\svchost.exe
    2892 C:\Windows\System32\CISVC.EXE
    2928 C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
    3120 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    3208 C:\Program Files\Common Files\Motive\McciCMService.exe
    3284 C:\Windows\System32\svchost.exe
    3364 C:\Windows\System32\svchost.exe
    3448 C:\Windows\System32\svchost.exe
    3500 C:\Windows\System32\SearchIndexer.exe
    3572 C:\Windows\System32\drivers\XAudio.exe
    3672 C:\Program Files\iPod\bin\iPodService.exe
    3264 C:\Windows\System32\wbem\unsecapp.exe
    4392 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    3064 C:\Program Files\Internet Explorer\iexplore.exe
    2240 C:\Users\Owner\Desktop\v0gnk0uk.exe
    828 C:\Windows\System32\wermgr.exe
    5652 C:\Windows\System32\svchost.exe
    4692 C:\Program Files\Internet Explorer\iexplore.exe
    4276 C:\Program Files\Internet Explorer\iexplore.exe
    2096 C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe
    4964 C:\Program Files\Internet Explorer\iexplore.exe
    6072 C:\Program Files\Internet Explorer\iexplore.exe
    6012 C:\Program Files\Internet Explorer\iexplore.exe
    3040 C:\Windows\System32\SearchProtocolHost.exe
    5524 C:\Windows\System32\SearchFilterHost.exe
    4364 dllhost.exe
    5500 dllhost.exe
    788 C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HVSMIPRZ\MBRCheck[1].exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`68580800 (NTFS)

    PhysicalDrive0 Model Number: <error opening>

    Size Device Name MBR Status
    --------------------------------------------
    ERROR Opening: \\.\PhysicalDrive0 (32)


    Done!

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/24/2009 10:34:48 AM
    System Uptime: 1/1/2011 6:27:30 PM (0 hours ago)

    Motherboard: ECS | | Iris8
    Processor: AMD Athlon(tm) Dual Core Processor 4450e | Socket AM2 | 2200/201mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 222 GiB total, 118.553 GiB free.
    D: is FIXED (NTFS) - 11 GiB total, 1.067 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Tun Miniport Adapter
    Device ID: ROOT\*TUNMP\0001
    Manufacturer: Microsoft
    Name: Microsoft Tun Miniport Adapter #2
    PNP Device ID: ROOT\*TUNMP\0001
    Service: tunmp

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    µTorrent
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.1
    Akamai NetSession Interface
    ASIO4ALL
    avast! Free Antivirus
    Book of Legends
    Carbonite Online Backup Setup
    CCleaner
    Compatibility Pack for the 2007 Office system
    CyberLink DVD Suite Deluxe
    Epson Easy Photo Print 2
    EPSON NX100 Series Printer Uninstall
    EPSON Scan
    ffdshow
    FL Studio 9
    Google Update Helper
    Hardcore
    Hardware Diagnostic Tools
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Demo
    HP Games
    HP Recovery Manager RSS
    HP Total Care Setup
    HP Update
    HPAsset component for HP Active Support Library
    IL Download Manager
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 21
    Java(TM) 6 Update 7
    Jojo's Fashion Show 2 - Las Cruces
    Juno Preloader
    LabelPrint
    LightScribe System Software 1.14.25.1
    LightScribe Template Labeler
    Malwarebytes' Anti-Malware
    Math Games Level 1 1.0
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Digital Image Library 9 - Blocker
    Microsoft Digital Image Starter Edition 2006
    Microsoft Digital Image Starter Edition 2006 Editor
    Microsoft Digital Image Starter Edition 2006 Library
    Microsoft Flight Simulator X
    Microsoft Office Home and Student 60 day trial
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Web Publishing Wizard 1.52
    Microsoft Works
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MultitrackStudio Lite 6.3
    muvee Reveal
    NVIDIA Control Panel 260.99
    NVIDIA Drivers
    NVIDIA Graphics Driver 260.99
    NVIDIA Install Application
    Photo Pos Pro
    PoiZone
    Power2Go
    PowerDirector
    Python 2.5.2
    QuickTime
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.83
    Sawer
    Seagate Manager Installer
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Shockwave
    Soft Data Fax Modem with SmartCP
    sp44626
    System Requirements Lab
    Toxic Biohazard
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    ==== End Of File ===========================








    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Owner at 18:32:18.23 on Sat 01/01/2011
    Internet Explorer: 8.0.6001.18999
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1709 [GMT -8:00]

    AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files\Carbonite\CarbonitePreinstaller.exe
    C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe -k Akamai
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\CISVC.EXE
    C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BQZEU368\dds[1].scr

    ============== Pseudo HJT Report ===============

    uSearch Page =
    uSearch Bar = Preserve
    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://www.comcast.net/
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    mWindow Title = Windows Internet Explorer provided by Comcast
    mSearch Bar = hxxp://www.google.com
    uInternet Settings,ProxyServer = http=127.0.0.1:6092
    uInternet Settings,ProxyOverride = <local>
    mSearchAssistant =
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    TB: {2CCDCF0C-04BC-40FF-B040-A7E5A4900151} - No File
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

    ==================== Find3M ====================

    2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-03 18:36:03 31 ----a-w- c:\windows\system32\wmadtdifosini.dll
    2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
    2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-10-19 18:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe
    2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys
    2010-10-16 19:42:20 66664 ----a-w- c:\windows\system32\nvshext.dll
    2010-10-16 19:42:20 600680 ----a-w- c:\windows\system32\nvvsvc.exe
    2010-10-16 19:42:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
    2010-10-16 19:42:16 3420776 ----a-w- c:\windows\system32\nvcpl.dll
    2010-10-16 19:42:12 2079336 ----a-w- c:\windows\system32\nvsvc.dll
    2010-10-16 18:55:00 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
    2010-10-16 18:55:00 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
    2010-10-16 18:55:00 57960 ----a-w- c:\windows\system32\OpenCL.dll
    2010-10-16 18:55:00 4837480 ----a-w- c:\windows\system32\nvcuda.dll
    2010-10-16 18:55:00 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
    2010-10-16 18:55:00 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
    2010-10-16 18:55:00 1719912 ----a-w- c:\windows\system32\nvapi.dll
    2010-10-16 18:55:00 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
    2010-10-16 18:55:00 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
    2010-10-16 18:55:00 10023528 ----a-w- c:\windows\system32\nvd3dum.dll

    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 6.0.6002 Disk: Hitachi_ rev.GM2O -> Harddisk0\DR0 ->

    device: opened successfully
    user: MBR read successfully

    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x86C8F555]<<
    _asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x86c957b0]; MOV EAX, [0x86c9582c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
    1 ntkrnlpa!IofCallDriver[0x82463962] -> \Device\Harddisk0\DR0[0x860368E0]
    3 CLASSPNP[0x8072F8B3] -> ntkrnlpa!IofCallDriver[0x82463962] -> [0x85A495C0]
    5 acpi[0x8060C6BC] -> ntkrnlpa!IofCallDriver[0x82463962] -> [0x85A726E0]
    \Driver\nvstor32[0x868F9398] -> IRP_MJ_CREATE -> 0x86C8F555
    kernel: MBR read successfully
    _asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5d; }
    detected disk devices:
    \Device\00000051 -> \??\SCSI#Disk&Ven_Hitachi&Prod_HDP725025GLA#4&ac26b09&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    detected hooks:
    user & kernel MBR OK
    Warning: possible TDL3 rootkit infection !

    ============= FINISH: 18:34:04.82 ===============

    also, just to provide as much info as possible, my computer crashes now (blue screen), it someyimes disables my mouse, as well as won't let me get online sometimes..it says that the host stopped working properly, as well as my tun mini port adaptor 2 is not detected (not sure if thats important or not)..thanks so much for your help
     
    Last edited by a moderator: 2011/01/01
    ebsgirl,
    #3
  5. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    it will not let me paste my DDS.Txt log here..don't know if its the virus preventing me cause it does say that there is a possible rootkey infection in it..any suggestions on how to get this information to you?
     
    ebsgirl,
    #4
  6. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    Gmer log (in parts..too long to post as one reply)

    1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-01 18:11:34
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\00000032 Hitachi_ rev.GM2O
    Running: v0gnk0uk.exe; Driver: C:\Users\Owner\AppData\Local\Temp\pwlcapow.sys


    ---- System - GMER 1.0.15 ----

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x9022C75E]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x9022C582]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x9022C6BC]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Kernel code sections - GMER 1.0.15 ----

    PAGE ntkrnlpa.exe!ZwLoadDriver 82571DF0 7 Bytes JMP 9022C6C0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ObMakeTemporaryObject 825DD28F 5 Bytes JMP 9022811E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ObInsertObject 82636063 5 Bytes JMP 90229BB8 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!NtCreateSection 82637905 7 Bytes JMP 9022C586 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ZwCreateProcessEx 8269790A 7 Bytes JMP 9022C762 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    ? System32\drivers\fsfvc.sys The system cannot find the path specified. !

    ---- User code sections - GMER 1.0.15 ----
     
    ebsgirl,
    #5
  7. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[384] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[580] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[620] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!CreateServiceW
     
    ebsgirl,
    #6
  8. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    C:\Windows\system32\services.exe[624] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[624] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[640] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[648] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[672] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[832] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\nvvsvc.exe[888] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[916] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[968] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!CreateServiceW
     
    ebsgirl,
    #7
  9. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1120] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ntdll.dll!NtProtectVirtualMemory 76F74D34 5 Bytes JMP 00C2000A
    .text C:\Windows\system32\svchost.exe[1164] ntdll.dll!NtWriteVirtualMemory 76F75674 5 Bytes JMP 00C4000A
    .text C:\Windows\system32\svchost.exe[1164] ntdll.dll!KiUserExceptionDispatcher 76F75DC8 5 Bytes JMP 00C1000A
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] ole32.dll!CoCreateInstance 76479F3E 5 Bytes JMP 00E1000A
    .text C:\Windows\system32\svchost.exe[1164] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1164] USER32.dll!GetCursorPos 76D60B88 5 Bytes JMP 0126000A
    .text C:\Windows\system32\svchost.exe[1304] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1304] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1372] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1424] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
     
    ebsgirl,
    #8
  10. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iTunes\iTunesHelper.exe[2132] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iTunes\iTunesHelper.exe[2132] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iTunes\iTunesHelper.exe[2132] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iTunes\iTunesHelper.exe[2132] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iTunes\iTunesHelper.exe[2132] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\hp\support\hpsysdrv.exe[2140] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[2156] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Owner\Desktop\v0gnk0uk.exe[2240] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (a
     
    ebsgirl,
    #9
  11. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    vast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Carbonite\CarbonitePreinstaller.exe[2328] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe[2388] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehtray.exe[2440] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[2460] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\ehome\ehmsas.exe[2540] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe[2564] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\wmiprvse.exe[2572] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2824] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2856] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
     
    ebsgirl,
    #10
  12. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    .text C:\Windows\system32\svchost.exe[2856] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\CISVC.EXE[2892] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe[2928] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3064] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[3120] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Motive\McciCMService.exe[3208] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wbem\unsecapp.exe[3264] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3284] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[3364] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[3448] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[3500] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\DRIVERS\xaudio.exe[3572] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\iPod\bin\iPodService.exe[3672] USER32.dll!UnhookWinEvent
     
    ebsgirl,
    #11
  13. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ntdll.dll!LdrLoadDll 76F39390 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ntdll.dll!LdrUnloadDll 76F4BA50 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!CreateServiceW 75879EB4 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!DeleteService 7587A07E 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!SetServiceObjectSecurity 758B6CD9 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!ChangeServiceConfigA 758B6DD9 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!ChangeServiceConfigW 758B6F81 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!ChangeServiceConfig2A 758B7099 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!ChangeServiceConfig2W 758B71E1 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] ADVAPI32.dll!CreateServiceA 758B72A1 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] USER32.dll!SetWindowsHookExA 76D46322 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] USER32.dll!SetWindowsHookExW 76D487AD 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] USER32.dll!UnhookWindowsHookEx 76D498DB 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] USER32.dll!SetWinEventHook 76D49F3A 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[4392] USER32.dll!UnhookWinEvent 76D4C06F 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    Device \Device\00000051 -> \??\SCSI#Disk&Ven_Hitachi&Prod_HDP725025GLA#4&ac26b09&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

    ---- Files - GMER 1.0.15 ----

    File C:\Windows\Temp\fla24B3.tmp 0 bytes
    File C:\Windows\Temp\flaA1B1.tmp 0 bytes

    ---- EOF - GMER 1.0.15 ----
     
    ebsgirl,
    #12
  14. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    the last twp posts were the second half of the DDS.txt log..it will not let me post the first half..it keeps going to (internet not connected)
     
    ebsgirl,
    #13
  15. 2011/01/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You simply have to pay attention, what your computer screen says.
    If it says, that your post will need a moderator approval, you just do that...wait for an approval.
    Now, I have to sort out all duplicate logs...
     
    broni,
    #14
  16. 2011/01/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===============================================================

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
    broni,
    #15
  17. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    I apologize...my screen kept going to internet disconnected as soon as i hit post..i did recieve one notice saying waiting for approval...but that was after my internet connection dropping several times..i do sincerely apologize...i appreciate the help and am not trying to make thins difficult on you...
     
    ebsgirl,
    #16
  18. 2011/01/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    No problem :)

    It should be better after you run TDSSKiller.
     
    broni,
    #17
  19. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    2011/01/01 20:55:56.0076 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
    2011/01/01 20:55:56.0076 ================================================================================
    2011/01/01 20:55:56.0076 SystemInfo:
    2011/01/01 20:55:56.0076
    2011/01/01 20:55:56.0076 OS Version: 6.0.6002 ServicePack: 2.0
    2011/01/01 20:55:56.0076 Product type: Workstation
    2011/01/01 20:55:56.0076 ComputerName: OWNER-PC
    2011/01/01 20:55:56.0076 UserName: Owner
    2011/01/01 20:55:56.0076 Windows directory: C:\Windows
    2011/01/01 20:55:56.0076 System windows directory: C:\Windows
    2011/01/01 20:55:56.0076 Processor architecture: Intel x86
    2011/01/01 20:55:56.0076 Number of processors: 2
    2011/01/01 20:55:56.0076 Page size: 0x1000
    2011/01/01 20:55:56.0076 Boot type: Normal boot
    2011/01/01 20:55:56.0076 ================================================================================
    2011/01/01 20:55:56.0357 Initialize success
    2011/01/01 20:56:00.0990 ================================================================================
    2011/01/01 20:56:00.0990 Scan started
    2011/01/01 20:56:00.0990 Mode: Manual;
    2011/01/01 20:56:00.0990 ================================================================================
    2011/01/01 20:56:02.0238 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    2011/01/01 20:56:02.0363 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    2011/01/01 20:56:02.0488 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    2011/01/01 20:56:02.0628 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    2011/01/01 20:56:02.0706 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    2011/01/01 20:56:02.0815 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    2011/01/01 20:56:02.0924 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    2011/01/01 20:56:03.0018 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    2011/01/01 20:56:03.0127 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    2011/01/01 20:56:03.0205 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    2011/01/01 20:56:03.0268 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    2011/01/01 20:56:03.0392 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    2011/01/01 20:56:03.0486 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
    2011/01/01 20:56:03.0580 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    2011/01/01 20:56:03.0626 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    2011/01/01 20:56:03.0782 aswFsBlk (540e2a0daa90b5bd29c1c088a7dd5ea6) C:\Windows\system32\drivers\aswFsBlk.sys
    2011/01/01 20:56:03.0907 aswMonFlt (4587f7cfc6066543c963320146dbdacf) C:\Windows\system32\drivers\aswMonFlt.sys
    2011/01/01 20:56:03.0970 aswRdr (1ddf53aa0fff9914e85c9f6a959dea25) C:\Windows\system32\drivers\aswRdr.sys
    2011/01/01 20:56:04.0016 aswSP (c267569543a37cbfc9938856a5d038eb) C:\Windows\system32\drivers\aswSP.sys
    2011/01/01 20:56:04.0110 aswTdi (81f5627c7c2a79833e4f768f2ed2bd8d) C:\Windows\system32\drivers\aswTdi.sys
    2011/01/01 20:56:04.0219 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/01/01 20:56:04.0313 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    2011/01/01 20:56:04.0391 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    2011/01/01 20:56:04.0484 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    2011/01/01 20:56:04.0547 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    2011/01/01 20:56:04.0594 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    2011/01/01 20:56:04.0672 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    2011/01/01 20:56:04.0750 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    2011/01/01 20:56:04.0796 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    2011/01/01 20:56:04.0890 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    2011/01/01 20:56:04.0921 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    2011/01/01 20:56:04.0984 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    2011/01/01 20:56:05.0062 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/01/01 20:56:05.0108 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    2011/01/01 20:56:05.0155 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    2011/01/01 20:56:05.0218 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    2011/01/01 20:56:05.0311 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    2011/01/01 20:56:05.0374 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
    2011/01/01 20:56:05.0436 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    2011/01/01 20:56:05.0483 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    2011/01/01 20:56:05.0592 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    2011/01/01 20:56:05.0670 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    2011/01/01 20:56:05.0748 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    2011/01/01 20:56:05.0795 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/01/01 20:56:05.0888 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    2011/01/01 20:56:05.0966 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    2011/01/01 20:56:06.0013 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    2011/01/01 20:56:06.0122 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    2011/01/01 20:56:06.0216 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    2011/01/01 20:56:06.0294 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    2011/01/01 20:56:06.0341 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    2011/01/01 20:56:06.0434 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    2011/01/01 20:56:06.0497 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    2011/01/01 20:56:06.0559 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/01/01 20:56:06.0622 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    2011/01/01 20:56:06.0731 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/01/01 20:56:06.0778 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    2011/01/01 20:56:06.0887 GEARAspiWDM (df6e37b27a9a1a498c6d9f29995b7a03) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    2011/01/01 20:56:06.0965 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2011/01/01 20:56:07.0058 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    2011/01/01 20:56:07.0121 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    2011/01/01 20:56:07.0183 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/01/01 20:56:07.0292 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    2011/01/01 20:56:07.0355 HSF_DP (78c88781fbd2fdd3bcba09f58897fe45) C:\Windows\system32\DRIVERS\HSX_DP.sys
    2011/01/01 20:56:07.0448 HSXHWBS2 (1e289f978d1e6f11db88d4fcb2f9d92f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
    2011/01/01 20:56:07.0511 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    2011/01/01 20:56:07.0604 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    2011/01/01 20:56:07.0651 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    2011/01/01 20:56:07.0698 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    2011/01/01 20:56:07.0807 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    2011/01/01 20:56:07.0932 IntcAzAudAddService (84ed2154239f9d013bbd3220755ada8b) C:\Windows\system32\drivers\RTKVHDA.sys
    2011/01/01 20:56:08.0041 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    2011/01/01 20:56:08.0088 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/01/01 20:56:08.0119 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/01/01 20:56:08.0400 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    2011/01/01 20:56:08.0431 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    2011/01/01 20:56:08.0494 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    2011/01/01 20:56:08.0556 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    2011/01/01 20:56:08.0650 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    2011/01/01 20:56:08.0743 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    2011/01/01 20:56:08.0790 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    2011/01/01 20:56:08.0821 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2011/01/01 20:56:08.0884 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
    2011/01/01 20:56:08.0946 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
    2011/01/01 20:56:09.0040 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    2011/01/01 20:56:09.0133 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/01/01 20:56:09.0242 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    2011/01/01 20:56:09.0274 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    2011/01/01 20:56:09.0352 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    2011/01/01 20:56:09.0430 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    2011/01/01 20:56:09.0492 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
    2011/01/01 20:56:09.0539 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    2011/01/01 20:56:09.0632 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    2011/01/01 20:56:09.0679 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    2011/01/01 20:56:09.0726 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    2011/01/01 20:56:09.0773 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    2011/01/01 20:56:09.0820 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/01/01 20:56:09.0866 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    2011/01/01 20:56:09.0913 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    2011/01/01 20:56:09.0960 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    2011/01/01 20:56:10.0038 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    2011/01/01 20:56:10.0116 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    2011/01/01 20:56:10.0225 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    2011/01/01 20:56:10.0319 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    2011/01/01 20:56:10.0381 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/01/01 20:56:10.0459 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/01/01 20:56:10.0522 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/01/01 20:56:10.0600 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    2011/01/01 20:56:10.0678 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    2011/01/01 20:56:10.0787 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    2011/01/01 20:56:10.0818 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    2011/01/01 20:56:10.0865 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/01/01 20:56:10.0958 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/01/01 20:56:11.0005 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    2011/01/01 20:56:11.0068 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    2011/01/01 20:56:11.0161 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    2011/01/01 20:56:11.0239 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    2011/01/01 20:56:11.0348 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    2011/01/01 20:56:11.0442 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    2011/01/01 20:56:11.0567 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    2011/01/01 20:56:11.0614 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    2011/01/01 20:56:11.0723 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    2011/01/01 20:56:11.0785 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    2011/01/01 20:56:11.0832 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    2011/01/01 20:56:11.0879 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    2011/01/01 20:56:11.0957 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    2011/01/01 20:56:12.0082 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    2011/01/01 20:56:12.0160 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    2011/01/01 20:56:12.0206 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    2011/01/01 20:56:12.0316 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    2011/01/01 20:56:12.0362 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    2011/01/01 20:56:12.0425 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    2011/01/01 20:56:12.0487 NVENETFD (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys
    2011/01/01 20:56:12.0862 nvlddmkm (bd409de5681c74c1de51d72427dc202d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    2011/01/01 20:56:13.0033 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    2011/01/01 20:56:13.0080 nvrd32 (085e88101d0d4b321abf9c7e2b6ee99d) C:\Windows\system32\drivers\nvrd32.sys
    2011/01/01 20:56:13.0142 nvsmu (62754e376185eacbb73d06fea0ffc54a) C:\Windows\system32\drivers\nvsmu.sys
    2011/01/01 20:56:13.0205 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    2011/01/01 20:56:13.0298 nvstor32 (1199b2052f7861c1d39c2318e70904c9) C:\Windows\system32\DRIVERS\nvstor32.sys
    2011/01/01 20:56:13.0345 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    2011/01/01 20:56:13.0454 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    2011/01/01 20:56:13.0579 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    2011/01/01 20:56:13.0642 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    2011/01/01 20:56:13.0720 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    2011/01/01 20:56:13.0829 PCD5SRVC{BD6912E3-AC9D80E8-05040000} (9489c4cf14126a06b061163d2b261c69) C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms
    2011/01/01 20:56:13.0938 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    2011/01/01 20:56:13.0985 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
    2011/01/01 20:56:14.0047 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    2011/01/01 20:56:14.0156 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    2011/01/01 20:56:14.0281 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/01/01 20:56:14.0375 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    2011/01/01 20:56:14.0484 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    2011/01/01 20:56:14.0546 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
    2011/01/01 20:56:14.0640 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    2011/01/01 20:56:14.0734 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    2011/01/01 20:56:14.0812 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    2011/01/01 20:56:14.0843 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/01/01 20:56:14.0921 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/01/01 20:56:14.0983 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/01/01 20:56:15.0061 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/01/01 20:56:15.0139 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/01/01 20:56:15.0217 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/01/01 20:56:15.0280 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    2011/01/01 20:56:15.0295 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    2011/01/01 20:56:15.0373 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    2011/01/01 20:56:15.0498 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/01/01 20:56:15.0560 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    2011/01/01 20:56:15.0670 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2011/01/01 20:56:15.0748 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    2011/01/01 20:56:15.0779 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    2011/01/01 20:56:15.0872 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    2011/01/01 20:56:16.0028 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    2011/01/01 20:56:16.0060 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/01/01 20:56:16.0153 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    2011/01/01 20:56:16.0184 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    2011/01/01 20:56:16.0325 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    2011/01/01 20:56:16.0356 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    2011/01/01 20:56:16.0387 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    2011/01/01 20:56:16.0465 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    2011/01/01 20:56:16.0574 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    2011/01/01 20:56:16.0637 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
    2011/01/01 20:56:16.0746 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
    2011/01/01 20:56:16.0793 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/01/01 20:56:16.0886 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    2011/01/01 20:56:16.0949 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    2011/01/01 20:56:16.0980 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    2011/01/01 20:56:17.0089 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    2011/01/01 20:56:17.0183 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
    2011/01/01 20:56:17.0276 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/01/01 20:56:17.0323 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    2011/01/01 20:56:17.0386 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    2011/01/01 20:56:17.0479 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    2011/01/01 20:56:17.0542 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    2011/01/01 20:56:17.0573 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    2011/01/01 20:56:17.0713 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/01/01 20:56:17.0744 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    2011/01/01 20:56:17.0760 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/01/01 20:56:17.0791 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    2011/01/01 20:56:17.0854 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    2011/01/01 20:56:17.0963 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    2011/01/01 20:56:18.0010 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    2011/01/01 20:56:18.0056 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    2011/01/01 20:56:18.0103 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    2011/01/01 20:56:18.0197 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    2011/01/01 20:56:18.0322 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
    2011/01/01 20:56:18.0415 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/01/01 20:56:18.0478 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    2011/01/01 20:56:18.0540 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    2011/01/01 20:56:18.0618 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/01/01 20:56:18.0680 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
    2011/01/01 20:56:18.0790 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/01/01 20:56:18.0821 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/01/01 20:56:18.0883 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2011/01/01 20:56:18.0992 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/01/01 20:56:19.0070 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/01/01 20:56:19.0117 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    2011/01/01 20:56:19.0211 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    2011/01/01 20:56:19.0242 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    2011/01/01 20:56:19.0304 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    2011/01/01 20:56:19.0336 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    2011/01/01 20:56:19.0398 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    2011/01/01 20:56:19.0460 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    2011/01/01 20:56:19.0538 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    2011/01/01 20:56:19.0648 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    2011/01/01 20:56:19.0726 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/01/01 20:56:19.0757 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/01/01 20:56:19.0819 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    2011/01/01 20:56:19.0866 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    2011/01/01 20:56:20.0053 winachsf (0869c31e0ff995bf00628af8c1658e26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
    2011/01/01 20:56:20.0178 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
    2011/01/01 20:56:20.0318 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    2011/01/01 20:56:20.0365 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/01/01 20:56:20.0506 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/01/01 20:56:20.0568 XAudio (bfcc507eca58f11c5fed96e192b878cb) C:\Windows\system32\DRIVERS\xaudio.sys
    2011/01/01 20:56:20.0615 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
    2011/01/01 20:56:20.0630 ================================================================================
    2011/01/01 20:56:20.0630 Scan finished
    2011/01/01 20:56:20.0630 ================================================================================
    2011/01/01 20:56:20.0646 Detected object count: 1
    2011/01/01 20:56:28.0493 \HardDisk0 - will be cured after reboot
    2011/01/01 20:56:28.0493 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
    2011/01/01 20:56:35.0201 Deinitialize success
     
    ebsgirl,
    #18
  20. 2011/01/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good :)
    Better?

    Download Bootkit Remover to your Desktop.

    • You then need to extract the remover.exe file from the RAR using a program capable of extracing RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
    • After extracing remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator.
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
     
    broni,
    #19
  21. 2011/01/01
    ebsgirl

    ebsgirl Inactive Thread Starter

    Joined:
    2010/12/31
    Messages:
    40
    Likes Received:
    0
    umm...i think that was the tdsskiller from previous copy/paste...I get the black box and pressed select all...and copy..but the paste is the previous copy...it said there was some errors...notice said : ATA_PASS_THROUGH_DIRECT is not supported by disk contoller. ATA_PASS_THROUGH_DIRECT will be used for disk I/0

    Did I extract or run this wrong?
     
    ebsgirl,
    #20
Page 1 of 4

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...