browser redirect problem

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bluejae

Thread Starter
Joined
Jul 27, 2009
Messages
60
i've tried to correct this on my own but i've failed. i'm hoping someone can help.

a few other things i've noticed... there is new hardware that tries to install new drivers or something... it says it's unknown... when i tried to figure out what it was for, i was able to find something about legacy_wscsvc or something...

another thing is sometimes i get random Generic Host Process for Win32 Services error that has encountered a problem.

anyway, here is the information

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:52:09 PM, on 1/4/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\YOUN\Desktop\fixes\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] "C:\WINDOWS\stsystra.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] "C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE"
O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [wltray.exe] "C:\WINDOWS\system32\wltray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...RkwrOC1GMTBNMTBEKzE"&"prod=90"&"ver=10.0.1187
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\YOUN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AirLink101 Wireless Monitor.lnk = C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - http://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
O16 - DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} (CyImage Class) - http://cyimg7.cyworld.com/ImageUpload/CyPictureU1233.cab?20081124
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WIIMI Performance Adapter (WiimiApSvr) - Unknown owner - C:\WINDOWS\system32\yxzsosh.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
--
End of file - 6782 bytes



DDS (Ver_10-12-12.02) - NTFSx86
Run by YOUN at 20:53:18.96 on 01/04/2011 Tue
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.949.82.1033.18.1982.1492 [GMT -6:00]
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\YOUN\Desktop\fixes\HijackThis.exe
C:\Documents and Settings\YOUN\Desktop\fixes\dds.scr
C:\WINDOWS\system32\conime.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.handbagshopping.com/catalog/
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
mDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.dell.com
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = http=127.0.0.1:8074
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] "c:\program files\superantispyware\SUPERAntiSpyware.exe"
uRun: [Google Update] "c:\documents and settings\youn\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] "c:\windows\system32\nwiz.exe" /install
mRun: [NvMediaCenter] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SigmatelSysTrayApp] "c:\windows\stsystra.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] "c:\windows\ime\imkr6_1\IMEKRMIG.EXE"
mRun: [MSPY2002] "c:\windows\system32\ime\pintlgnt\ImScInst.exe" /SYNC
mRun: [PHIME2002ASync] "c:\windows\system32\ime\tintlgnt\TINTSETP.EXE" /SYNC
mRun: [PHIME2002A] "c:\windows\system32\ime\tintlgnt\TINTSETP.EXE" /IMEName
mRun: [wltray.exe] "c:\windows\system32\wltray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-unins...RkwrOC1GMTBNMTBEKzE"&"prod=90"&"ver=10.0.1187
StartupFolder: c:\docume~1\youn\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\airlin~1.lnk - c:\program files\airlink101\airlink101 wlan monitor\RtWLan.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} - hxxp://cyimg7.cyworld.com/ImageUpload/CyPictureU1233.cab?20081124
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\youn\applic~1\mozilla\firefox\profiles\qinmjffl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.handbagshopping.com/catalog/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\youn\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
============= SERVICES / DRIVERS ===============
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-4 293968]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-9-15 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 66632]
R2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-3-17 65536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-4 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-4 40384]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-8-16 594048]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 12872]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-6 135664]
S2 WiimiApSvr;WIIMI Performance Adapter;c:\windows\system32\yxzsosh.exe --> c:\windows\system32\yxzsosh.exe [?]
=============== Created Last 30 ================
2011-01-05 01:12:09 -------- d-sha-r- C:\cmdcons
2011-01-05 01:10:21 98816 ----a-w- c:\windows\sed.exe
2011-01-05 01:10:21 89088 ----a-w- c:\windows\MBR.exe
2011-01-05 01:10:21 256512 ----a-w- c:\windows\PEV.exe
2011-01-05 01:10:21 161792 ----a-w- c:\windows\SWREG.exe
2011-01-05 00:43:21 38848 ----a-w- c:\windows\avastSS.scr
2011-01-05 00:43:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2011-01-02 21:16:43 -------- d-----w- c:\docume~1\youn\applic~1\AVG10
2010-12-29 08:38:23 -------- d-----w- c:\windows\system32\NtmsData
2010-12-29 08:34:35 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2010-12-29 08:33:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2010-12-29 08:26:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2010-12-27 02:55:45 -------- d-----w- c:\docume~1\youn\applic~1\Uhihyq
2010-12-27 02:55:45 -------- d-----w- c:\docume~1\youn\applic~1\Nyhe
2010-12-27 02:24:23 -------- d-----w- c:\program files\CCleaner
2010-12-16 14:30:13 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 14:29:33 45568 ------w- c:\windows\system32\dllcache\wab.exe
==================== Find3M ====================
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-05 05:05:36 667136 ----a-w- c:\windows\system32\wininet.dll
2010-11-05 05:05:36 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-11-05 05:05:35 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
=================== ROOTKIT ====================
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST316081 rev.4.AD -> Harddisk0\DR0 -> \Device\Scsi\nvgts1
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Scsi\nvgts1Port0Path0Target0Lun0 -> \??\SCSI#Disk&Ven_ST316081&Prod_5AS&Rev_4.AD#4&9006ed5&0&000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user & kernel MBR OK
============= FINISH: 20:59:21.43 ===============


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-04 21:17:38
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts1 ST316081 rev.4.AD
Running: 9xzrzdrc.exe; Driver: C:\DOCUME~1\YOUN\LOCALS~1\Temp\pxtdrpob.sys

---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA59727D4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xA597971E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xA59795D6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xA5979BDC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xA5979AF2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xA59791AA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA5972884]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xA59796B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xA59790E6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xA597914C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA597291C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xA59797F6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA5979CAA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xA59797B4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xA5979938]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA598675E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA5986582]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA59866BC]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP A59866C0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 805AB38E 7 Bytes JMP A5986586 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP A598211E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP A5983BB8 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D1134 7 Bytes JMP A5986762 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB856A360, 0x30AD87, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\spoolsv.exe[192] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[192] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe[304] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jqs.exe[412] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[420] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\RUNDLL32.EXE[472] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\stsystra.exe[480] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[520] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[572] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[616] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[628] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[784] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[844] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 007B000A
.text C:\WINDOWS\System32\svchost.exe[884] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00A5000A
.text C:\WINDOWS\System32\svchost.exe[884] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 007A000C
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[884] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00E2000A
.text C:\WINDOWS\system32\wltray.exe[940] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wltray.exe[940] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Java\jre6\bin\jusched.exe[948] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[964] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1024] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[1120] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[1176] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\wltrysvc.exe[1292] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\bcmwltry.exe[1356] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1420] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe[1460] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Digital Line Detect\DLG.exe[1500] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00D1000A
.text C:\WINDOWS\Explorer.EXE[1620] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D2000A
.text C:\WINDOWS\Explorer.EXE[1620] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00D0000C
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1620] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[2088] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2160] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wdfmgr.exe[2272] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[2368] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Documents and Settings\YOUN\Desktop\fixes\9xzrzdrc.exe[3132] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Documents and Settings\YOUN\Desktop\fixes\9xzrzdrc.exe[3132] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3892] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \Driver\nvgts -> DriverStartIo \Device\Scsi\nvgts1Port0Path1Target1Lun0 8A42139B
Device \Driver\nvgts -> DriverStartIo \Device\Scsi\nvgts1 8A42139B
Device \Driver\nvgts -> DriverStartIo \Device\Scsi\nvgts2 8A42139B
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
Device \Device\Scsi\nvgts1Port0Path0Target0Lun0 -> \??\SCSI#Disk&Ven_ST316081&Prod_5AS&Rev_4.AD#4&9006ed5&0&000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression Filter
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] Indeo? video 5.10 Compression Filter
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] {1F73E9B1-8C3A-11D0-A3BE-00A0C9244436}
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] 0x02 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo?video 5.10 Compression [email protected] 1
---- EOF - GMER 1.0.15 ----
 

Attachments

bluejae

Thread Starter
Joined
Jul 27, 2009
Messages
60
i hope bumping will be ok. it's been 25 days since i've posted this for help. would appreciate any assistance.

thank you
 

Conspire

Malware Specialist
Joined
Feb 3, 2011
Messages
452
Hello there, bluejae

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:

  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE : Please do not delete anything unless instructed to.

---------------------------------------------------------------------------------------------------

We are sorry for the late reply, therefore we need a new log to see how far the damage has been done.

---------------------------------------------------------------------------------------------------
 

Conspire

Malware Specialist
Joined
Feb 3, 2011
Messages
452
Hello there,

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


  • If an infected file is detected, the default action will be Cure, click on Continue.


  • If a suspicious file is detected, the default action will be Skip, click on Continue.


  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


===================================================

Please delete the existing copy and download DDS by sUBs from one of the following links and save it to your desktop.

  • Disable any script blocking protection (How to Disable your Security Programs)
  • Double click DDS icon to run the tool (may take up to 3 minutes to run)
  • When done, DDS.txt will open.
  • After a few moments, attach.txt will open in a second window.
  • Save both reports to your desktop.
---------------------------------------------------
  • Post the contents of the DDS.txt report in your next reply.
===================================================

I will need you to run GMER again this time.

===================================================

On your next reply please post :
TDSSKiller log
Fresh DDS log
Fresh GMER log

Let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
 

bluejae

Thread Starter
Joined
Jul 27, 2009
Messages
60
in response to the new log file, the computer hasn't been turned on since that information for the logs were retrieved. will a new log file still be necessary?
 

bluejae

Thread Starter
Joined
Jul 27, 2009
Messages
60
sorry. been out of town and a lots been going on. i'll get back to it as soon as i can.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top