1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

browser redirect problem

Discussion in 'Virus & Other Malware Removal' started by bluejae, Jan 4, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. bluejae

    bluejae Thread Starter

    Joined:
    Jul 27, 2009
    Messages:
    60
    i've tried to correct this on my own but i've failed. i'm hoping someone can help.

    a few other things i've noticed... there is new hardware that tries to install new drivers or something... it says it's unknown... when i tried to figure out what it was for, i was able to find something about legacy_wscsvc or something...

    another thing is sometimes i get random Generic Host Process for Win32 Services error that has encountered a problem.

    anyway, here is the information

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:52:09 PM, on 1/4/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\stsystra.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\WINDOWS\system32\wltray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\YOUN\Desktop\fixes\HijackThis.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
    O4 - HKLM\..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] "C:\WINDOWS\stsystra.exe"
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] "C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE"
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [wltray.exe] "C:\WINDOWS\system32\wltray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...RkwrOC1GMTBNMTBEKzE"&"prod=90"&"ver=10.0.1187
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\YOUN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: AirLink101 Wireless Monitor.lnk = C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - http://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
    O16 - DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} (CyImage Class) - http://cyimg7.cyworld.com/ImageUpload/CyPictureU1233.cab?20081124
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: WIIMI Performance Adapter (WiimiApSvr) - Unknown owner - C:\WINDOWS\system32\yxzsosh.exe (file missing)
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
    --
    End of file - 6782 bytes



    DDS (Ver_10-12-12.02) - NTFSx86
    Run by YOUN at 20:53:18.96 on 01/04/2011 Tue
    Internet Explorer: 6.0.2900.5512
    Microsoft Windows XP Professional 5.1.2600.3.949.82.1033.18.1982.1492 [GMT -6:00]
    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    ============== Running Processes ===============
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\stsystra.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\WINDOWS\system32\wltray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Documents and Settings\YOUN\Desktop\fixes\HijackThis.exe
    C:\Documents and Settings\YOUN\Desktop\fixes\dds.scr
    C:\WINDOWS\system32\conime.exe
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://www.handbagshopping.com/catalog/
    uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
    uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
    mDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://www.dell.com
    mSearch Bar = hxxp://www.google.com/ie
    uInternet Settings,ProxyServer = http=127.0.0.1:8074
    uInternet Settings,ProxyOverride = <local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [SUPERAntiSpyware] "c:\program files\superantispyware\SUPERAntiSpyware.exe"
    uRun: [Google Update] "c:\documents and settings\youn\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] "c:\windows\system32\nwiz.exe" /install
    mRun: [NvMediaCenter] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [SigmatelSysTrayApp] "c:\windows\stsystra.exe"
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [IMEKRMIG6.1] "c:\windows\ime\imkr6_1\IMEKRMIG.EXE"
    mRun: [MSPY2002] "c:\windows\system32\ime\pintlgnt\ImScInst.exe" /SYNC
    mRun: [PHIME2002ASync] "c:\windows\system32\ime\tintlgnt\TINTSETP.EXE" /SYNC
    mRun: [PHIME2002A] "c:\windows\system32\ime\tintlgnt\TINTSETP.EXE" /IMEName
    mRun: [wltray.exe] "c:\windows\system32\wltray.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...RkwrOC1GMTBNMTBEKzE"&"prod=90"&"ver=10.0.1187
    StartupFolder: c:\docume~1\youn\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\airlin~1.lnk - c:\program files\airlink101\airlink101 wlan monitor\RtWLan.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
    DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} - hxxp://cyimg7.cyworld.com/ImageUpload/CyPictureU1233.cab?20081124
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    ================= FIREFOX ===================
    FF - ProfilePath - c:\docume~1\youn\applic~1\mozilla\firefox\profiles\qinmjffl.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.handbagshopping.com/catalog/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\documents and settings\youn\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
    ---- FIREFOX POLICIES ----
    FF - user.js: network.cookie.cookieBehavior - 0
    FF - user.js: privacy.clearOnShutdown.cookies - false
    FF - user.js: security.warn_viewing_mixed - false
    FF - user.js: security.warn_viewing_mixed.show_once - false
    FF - user.js: security.warn_submit_insecure - false
    FF - user.js: security.warn_submit_insecure.show_once - false
    ============= SERVICES / DRIVERS ===============
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-4 293968]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-9-15 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 66632]
    R2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-3-17 65536]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-4 17744]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-4 40384]
    R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-8-16 594048]
    R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 12872]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-6 135664]
    S2 WiimiApSvr;WIIMI Performance Adapter;c:\windows\system32\yxzsosh.exe --> c:\windows\system32\yxzsosh.exe [?]
    =============== Created Last 30 ================
    2011-01-05 01:12:09 -------- d-sha-r- C:\cmdcons
    2011-01-05 01:10:21 98816 ----a-w- c:\windows\sed.exe
    2011-01-05 01:10:21 89088 ----a-w- c:\windows\MBR.exe
    2011-01-05 01:10:21 256512 ----a-w- c:\windows\PEV.exe
    2011-01-05 01:10:21 161792 ----a-w- c:\windows\SWREG.exe
    2011-01-05 00:43:21 38848 ----a-w- c:\windows\avastSS.scr
    2011-01-05 00:43:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
    2011-01-02 21:16:43 -------- d-----w- c:\docume~1\youn\applic~1\AVG10
    2010-12-29 08:38:23 -------- d-----w- c:\windows\system32\NtmsData
    2010-12-29 08:34:35 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
    2010-12-29 08:33:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
    2010-12-29 08:26:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
    2010-12-27 02:55:45 -------- d-----w- c:\docume~1\youn\applic~1\Uhihyq
    2010-12-27 02:55:45 -------- d-----w- c:\docume~1\youn\applic~1\Nyhe
    2010-12-27 02:24:23 -------- d-----w- c:\program files\CCleaner
    2010-12-16 14:30:13 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
    2010-12-16 14:29:33 45568 ------w- c:\windows\system32\dllcache\wab.exe
    ==================== Find3M ====================
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-05 05:05:36 667136 ----a-w- c:\windows\system32\wininet.dll
    2010-11-05 05:05:36 61952 ----a-w- c:\windows\system32\tdc.ocx
    2010-11-05 05:05:35 81920 ----a-w- c:\windows\system32\ieencode.dll
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
    =================== ROOTKIT ====================
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 5.1.2600 Disk: ST316081 rev.4.AD -> Harddisk0\DR0 -> \Device\Scsi\nvgts1
    device: opened successfully
    user: MBR read successfully
    Disk trace:
    kernel: MBR read successfully
    _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
    detected disk devices:
    \Device\Scsi\nvgts1Port0Path0Target0Lun0 -> \??\SCSI#Disk&Ven_ST316081&Prod_5AS&Rev_4.AD#4&9006ed5&0&000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    detected hooks:
    user & kernel MBR OK
    ============= FINISH: 20:59:21.43 ===============


    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-04 21:17:38
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts1 ST316081 rev.4.AD
    Running: 9xzrzdrc.exe; Driver: C:\DOCUME~1\YOUN\LOCALS~1\Temp\pxtdrpob.sys

    ---- System - GMER 1.0.15 ----
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA59727D4]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xA597971E]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xA59795D6]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xA5979BDC]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xA5979AF2]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xA59791AA]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA5972884]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xA59796B2]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xA59790E6]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xA597914C]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA597291C]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xA59797F6]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA5979CAA]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xA59797B4]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xA5979938]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA598675E]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA5986582]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA59866BC]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
    ---- Kernel code sections - GMER 1.0.15 ----
    PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP A59866C0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!NtCreateSection 805AB38E 7 Bytes JMP A5986586 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP A598211E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP A5983BB8 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D1134 7 Bytes JMP A5986762 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB856A360, 0x30AD87, 0xE8000020]
    ---- User code sections - GMER 1.0.15 ----
    .text C:\WINDOWS\system32\spoolsv.exe[192] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[616] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 007B000A
    .text C:\WINDOWS\System32\svchost.exe[884] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00A5000A
    .text C:\WINDOWS\System32\svchost.exe[884] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 007A000C
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[884] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00E2000A
    .text C:\WINDOWS\system32\wltray.exe[940] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1420] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00D1000A
    .text C:\WINDOWS\Explorer.EXE[1620] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D2000A
    .text C:\WINDOWS\Explorer.EXE[1620] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00D0000C
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Documents and Settings\YOUN\Desktop\fixes\9xzrzdrc.exe[3132] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Documents and Settings\YOUN\Desktop\fixes\9xzrzdrc.exe[3132] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    ---- Devices - GMER 1.0.15 ----
    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    Device \Driver\nvgts -> DriverStartIo \Device\Scsi\nvgts1Port0Path1Target1Lun0 8A42139B
    Device \Driver\nvgts -> DriverStartIo \Device\Scsi\nvgts1 8A42139B
    Device \Driver\nvgts -> DriverStartIo \Device\Scsi\nvgts2 8A42139B
    Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    Device \Device\Scsi\nvgts1Port0Path0Target0Lun0 -> \??\SCSI#Disk&Ven_ST316081&Prod_5AS&Rev_4.AD#4&9006ed5&0&000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    ---- Registry - GMER 1.0.15 ----
    Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression Filter
    Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] Indeo? video 5.10 Compression Filter
    Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] {1F73E9B1-8C3A-11D0-A3BE-00A0C9244436}
    Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] 0x02 0x00 0x00 0x00 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] 1
    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  2. bluejae

    bluejae Thread Starter

    Joined:
    Jul 27, 2009
    Messages:
    60
    i hope bumping will be ok. it's been 25 days since i've posted this for help. would appreciate any assistance.

    thank you
     
  3. bluejae

    bluejae Thread Starter

    Joined:
    Jul 27, 2009
    Messages:
    60
    another bump
     
  4. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    452
    Hello there, bluejae

    I'm Conspire, I'll be glad to help you with your computer problems.

    Please observe these rules while we work:

    • Read the entire procedure
    • It is important to perform ALL actions in sequence.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Stick with me till you're given the all clear.
    • Remember, absence of symptoms does not mean the infection is all gone.
    • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

    IMPORTANT NOTE : Please do not delete anything unless instructed to.

    ---------------------------------------------------------------------------------------------------

    We are sorry for the late reply, therefore we need a new log to see how far the damage has been done.

    ---------------------------------------------------------------------------------------------------
     
  5. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    452
    Hello there,

    Please read carefully and follow these steps.

    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


      [​IMG]
    • If an infected file is detected, the default action will be Cure, click on Continue.


      [​IMG]
    • If a suspicious file is detected, the default action will be Skip, click on Continue.


      [​IMG]
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


      [​IMG]
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


    ===================================================

    Please delete the existing copy and download DDS by sUBs from one of the following links and save it to your desktop.

    • Disable any script blocking protection (How to Disable your Security Programs)
    • Double click DDS icon to run the tool (may take up to 3 minutes to run)
    • When done, DDS.txt will open.
    • After a few moments, attach.txt will open in a second window.
    • Save both reports to your desktop.
    ---------------------------------------------------
    • Post the contents of the DDS.txt report in your next reply.
    ===================================================

    I will need you to run GMER again this time.

    ===================================================

    On your next reply please post :
    TDSSKiller log
    Fresh DDS log
    Fresh GMER log

    Let me know if you have any problems in performing with the steps above or any questions you may have.

    Good Day!
     
  6. bluejae

    bluejae Thread Starter

    Joined:
    Jul 27, 2009
    Messages:
    60
    in response to the new log file, the computer hasn't been turned on since that information for the logs were retrieved. will a new log file still be necessary?
     
  7. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    452
  8. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    452
    Do you still need help?
     
  9. bluejae

    bluejae Thread Starter

    Joined:
    Jul 27, 2009
    Messages:
    60
    sorry. been out of town and a lots been going on. i'll get back to it as soon as i can.
     
  10. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    452
    Ok, thanks for letting me know.
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - browser redirect problem
  1. Brigham
    Replies:
    1
    Views:
    435
  2. JimHebert
    Replies:
    9
    Views:
    801
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/972735

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice