1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

PC Security 2011 - Security Warning

Discussion in 'Virus & Other Malware Removal' started by mwredt, Jan 29, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. mwredt

    mwredt Thread Starter

    Joined:
    Mar 21, 2005
    Messages:
    634
    Recently I started getting security warnings from PC Security 2011. I don't know where this came from and I didn't install it on my computer but there it is. The popups are very bothersome as they are "always on top" and makes it difficult to to anything with the computer. I also get a balloon type window with warning that a USB spam-bot detected. This does not seem to be from PC Security 2011.
    I have read instructions for posting and have the required files. This is a Toshiba Satellite laptop computer running Windows XP.
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:33:43 AM, on 1/29/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\DLACTRLW.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\PC Security 2011\PC2011.exe
    C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\toshiba\ivp\ism\ivpsvmgr.exe
    C:\Documents and Settings\Marion\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windstream.net/wind/portal/index.aspx
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/campaign.asp?cid=18588
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - Startup: PC2011.lnk = C:\Program Files\PC Security 2011\PC2011.exe
    O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1270469993890
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B2DF2D81-59C8-4CB0-9548-45F72D06B1AF}: NameServer = 93.188.164.47,93.188.160.227
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FA7D45CE-7E7A-429A-B522-4F5E143591F8}: NameServer = 93.188.164.47,93.188.160.227
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.164.47,93.188.160.227
    O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 93.188.164.47,93.188.160.227
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.47,93.188.160.227
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
    O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

    --
    End of file - 8797 bytes


    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Marion at 9:47:59.43 on Sat 01/29/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.974 [GMT -6:00]

    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    AV: *Enabled/Updated* {445C2AD3-E094-4496-9AB2-015867D4734C}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Toshiba\Tvs\TvsTray.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\system32\dla\DLACTRLW.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\PC Security 2011\PC2011.exe
    C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\toshiba\ivp\ism\ivpsvmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Marion\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.windstream.net/wind/portal/index.aspx
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uInternet Connection Wizard,ShellNext = hxxp://us.mcafee.com/root/campaign.asp?cid=18588
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
    mRun: [TFncKy] TFncKy.exe
    mRun: [TDispVol] TDispVol.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
    mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
    mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
    mRun: [TPSMain] TPSMain.exe
    mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
    mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
    mRun: [dla] c:\windows\system32\dla\DLACTRLW.exe
    mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
    mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe
    StartupFolder: c:\docume~1\marion\startm~1\programs\startup\pc2011.lnk - c:\program files\pc security 2011\PC2011.exe
    StartupFolder: c:\docume~1\marion\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1270469993890
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
    TCP: NameServer = 93.188.164.47,93.188.160.227
    TCP: {B2DF2D81-59C8-4CB0-9548-45F72D06B1AF} = 93.188.164.47,93.188.160.227
    TCP: {FA7D45CE-7E7A-429A-B522-4F5E143591F8} = 93.188.164.47,93.188.160.227
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages = scecli scecli

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\marion\applic~1\mozilla\firefox\profiles\kgc2vegn.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.windstream.net/wind/portal/index.aspx
    FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJPI150_04.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-4-3 294608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-4-3 17744]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-3 40384]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
    S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688]
    S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320]
    S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-6-18 23680]
    S3 SVRPEDRV;SVRPEDRV;\??\c:\sysprep\pedrv.sys --> c:\sysprep\PEDrv.sys [?]

    =============== Created Last 30 ================

    2011-01-27 18:20:16 -------- d-----w- c:\docume~1\marion\applic~1\PC Security 2011
    2011-01-27 18:20:15 -------- d-----w- c:\docume~1\marion\applic~1\Uninstall_Security
    2011-01-27 18:20:14 -------- d-----w- c:\program files\PC Security 2011
    2011-01-27 15:52:58 -------- d-----w- c:\docume~1\marion\locals~1\applic~1\Chronicles of Albian
    2011-01-27 15:49:55 -------- d-----w- c:\program files\WildGames
    2011-01-27 15:35:45 -------- d-----w- c:\program files\WildTangent Games
    2011-01-22 21:12:01 -------- d-sh--w- c:\documents and settings\marion\IECompatCache
    2011-01-19 10:31:02 -------- d-----w- c:\windows\pss

    ==================== Find3M ====================

    2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
    2010-11-27 23:45:53 1409 ----a-w- c:\windows\QTFont.for
    2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
    2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
    2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

    ============= FINISH: 9:48:40.65 ===============
    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-29 11:44:31
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHV2160BT_PL rev.00000050
    Running: yji5rb6m.exe; Driver: C:\DOCUME~1\Marion\LOCALS~1\Temp\kgldqpoc.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA8FE0728]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xA8FE77EA]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xA8FE76A2]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xA8FE7CA8]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xA8FE7BBE]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xA8FE7276]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA8FE07D8]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xA8FE777E]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xA8FE71B2]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xA8FE7218]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA8FE0870]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xA8FE78C2]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA8FE7D76]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xA8FE7880]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xA8FE7A04]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA8FF482E]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA8FF4652]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA8FF478C]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!ZwYieldExecution + DA 804E4934 4 Bytes JMP E1A8FE77
    PAGE ntoskrnl.exe!ObInsertObject 8056DA64 5 Bytes JMP A8FF1C88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!NtCreateSection 8056DB66 7 Bytes JMP A8FF4656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!ZwCreateProcessEx 8059056D 7 Bytes JMP A8FF4832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!ZwLoadDriver 805AEDE2 7 Bytes JMP A8FF4790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntoskrnl.exe!ObMakeTemporaryObject 805E74E6 5 Bytes JMP A8FF01EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xB9ADBEBF]
    ? C:\DOCUME~1\Marion\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe[176] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\ctfmon.exe[196] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\Explorer.EXE[204] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Messenger\msmsgs.exe[232] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe[240] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[360] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
    .text C:\WINDOWS\system32\RAMASST.exe[400] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\RAMASST.exe[400] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] user32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] user32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] user32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] user32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\PC Security 2011\PC2011.exe[440] user32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[448] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\toshiba\ivp\ism\ivpsvmgr.exe[568] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\winlogon.exe[912] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe[932] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\services.exe[956] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\lsass.exe[968] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TDispVol.exe[1032] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1100] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxtray.exe[1112] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1236] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\hkcmd.exe[1296] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\igfxpers.exe[1328] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[1400] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1460] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe[1488] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1528] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\ehtray.exe[1544] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[1556] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\ltmoh\Ltmoh.exe[1588] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1604] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\AGRSMMSG.exe[1616] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Synaptics\SynTP\Toshiba.exe[1644] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe[1660] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Toshiba\Tvs\TvsTray.exe[1668] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSMain.exe[1684] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe[1688] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1700] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dla\DLACTRLW.exe[1748] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[1840] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[1888] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\TPSBattM.exe[1972] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2016] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\spoolsv.exe[2068] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Documents and Settings\Marion\Desktop\yji5rb6m.exe[2092] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Documents and Settings\Marion\Desktop\yji5rb6m.exe[2092] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[2292] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\alg.exe[2316] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehmsas.exe[2360] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[2640] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe[2716] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\DVDRAMSV.exe[2760] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehRecvr.exe[2780] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\eHome\ehSched.exe[2792] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2852] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2896] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\CDBurnerXP\NMSAccessU.exe[2912] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\System32\svchost.exe[2932] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[2984] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3184] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\svchost.exe[3272] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text c:\TOSHIBA\IVP\swupdate\swupdtmr.exe[3284] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe[3316] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\ehome\mcrdsvc.exe[3428] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\WINDOWS\system32\dllhost.exe[4028] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\WINDOWS\system32\services.exe[956] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00600002
    IAT C:\WINDOWS\system32\services.exe[956] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00600000

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

    Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)
    Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

    Device \FileSystem\Cdfs \Cdfs A86C4400
    Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

    ---- EOF - GMER 1.0.15 ----
    Can someone figure out from this information what I should do?
     

    Attached Files:

  2. mwredt

    mwredt Thread Starter

    Joined:
    Mar 21, 2005
    Messages:
    634
    Some have looked at my post but noone has replied. Have I submitted what is needed or do I need to do more?
     
  3. imduffy

    imduffy

    Joined:
    Aug 10, 2010
    Messages:
    312
    My name is Duffy and I will be helping you with your malware issue.

    Since I am still in training, all my fixes must be checked by an Expert first. Please be patient with me during this time while I propose a fix for you. Please follow my instructions step by step, if you have any questions feel free to ask. It is also a good idea to save my instructions to notepad or print them out so you have them.

    I have proposed a fix to an expert I will get back to you asap.
     
  4. imduffy

    imduffy

    Joined:
    Aug 10, 2010
    Messages:
    312
    Hi mwredt
    I need to get some more logs from you :)

    Run rkill
    Note: If your security software warns about Rkill, ignore & allow the download to continue.
    Download RKill by Grinler from Here & save it to your Desktop.
    Alternate download links:
    Two
    Three
    Four
    • Double click Rkill to run it
    • A command window will open then disappear upon completion, this is normal
      • If this does not happen... delete the file, then download & use the next link provided
      • If it does not work, repeat the process & attempt to use one of the remaining links until the tool runs
    • Do not reboot your machine until asked to do so. If no version of Rkill would run, please let me know
    • When finished, Notepad will open with a log file, automatically saved at C:\rkill.log
    • Copy/paste the contents of the rkill.log file in your next reply
    • Leave Rkill on the Desktop unless instructed otherwise
    Note: If you get an alert that Rkill is infected, ignore it. The alert is a fake warning given by the rogue software, trying to "protect" itself from being terminated or removed. If you see such a warning, leave the warning on the screen, then run Rkill again. By not closing the warning, this sometimes allows you to bypass the malware's attempt to protect itself, so that Rkill can perform its routine.

    After running RKill continue to do the following, it is important in this time you do not reboot your PC.

    OTL Scan
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
     
  5. mwredt

    mwredt Thread Starter

    Joined:
    Mar 21, 2005
    Messages:
    634
    I ran rkill and otl as you requested. I got the rkill.log and the otl.txt file but did not ever see the extras file that was supposed to be created along with the otl.txt file. I looked in C: and found the otl.txt file but there was no otl folder and no extras file. I will post the rkill.log file and the otl.txt file here.

    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 02/08/2011 at 4:17:19.
    Operating System: Microsoft Windows XP


    Processes terminated by Rkill or while it was running:

    C:\Program Files\PC Security 2011\PC2011.exe


    Rkill completed on 02/08/2011 at 4:17:26.


    OTL logfile created on: 2/8/2011 4:27:41 AM - Run 2
    OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Marion\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 148.80 Gb Total Space | 113.27 Gb Free Space | 76.12% Space Free | Partition Type: NTFS
    Drive E: | 1.87 Gb Total Space | 1.32 Gb Free Space | 70.81% Space Free | Partition Type: FAT
    Drive F: | 1.92 Gb Total Space | 1.92 Gb Free Space | 99.98% Space Free | Partition Type: FAT
    Drive G: | 14.92 Gb Total Space | 10.37 Gb Free Space | 69.56% Space Free | Partition Type: FAT32

    Computer Name: CHARLIE | User Name: Marion | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Marion\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
    PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
    PRC - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
    PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
    PRC - C:\Program Files\Synaptics\SynTP\Toshiba.exe (Synaptics, Inc.)
    PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
    PRC - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
    PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
    PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
    PRC - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
    PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation)
    PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
    PRC - C:\TOSHIBA\IVP\ISM\pinger.exe (TOSHIBA Corporation)
    PRC - C:\WINDOWS\system32\TDispVol.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    PRC - C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    PRC - C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
    PRC - C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Marion\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\system32\TDispVol.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (HidServ) -- File not found
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
    SRV - (TAPPSRV) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
    SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
    SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
    SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
    SRV - (Swupdtmr) -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
    SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    SRV - (DVD-RAM_Service) -- C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
    DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
    DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
    DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
    DRV - (motport) -- C:\WINDOWS\system32\drivers\motport.sys (Motorola)
    DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
    DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
    DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
    DRV - (w39n51) Intel(R) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)
    DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation)
    DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
    DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
    DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)
    DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
    DRV - (TVALD) -- C:\WINDOWS\system32\drivers\NBSMI.sys (Toshiba Corporation)
    DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
    DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
    DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
    DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
    DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
    DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
    DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
    DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
    DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
    DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)
    DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
    DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
    DRV - (tbiosdrv) -- C:\WINDOWS\system32\drivers\tbiosdrv.sys ()
    DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions)
    DRV - (meiudf) -- C:\WINDOWS\system32\drivers\meiudf.sys (Matsushita Electric Industrial Co.,Ltd.)
    DRV - (KR10N) -- C:\WINDOWS\system32\drivers\KR10N.sys (TOSHIBA CORPORATION)
    DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
    DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
    DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windstream.net/wind/portal/index.aspx
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.windstream.net/wind/portal/index.aspx"

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 08:10:58 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 08:10:58 | 000,000,000 | ---D | M]

    [2010/04/03 19:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Extensions
    [2011/01/28 22:14:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Firefox\Profiles\kgc2vegn.default\extensions
    [2010/04/28 02:45:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Firefox\Profiles\kgc2vegn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/04/03 18:59:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

    Hosts file not found
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
    O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
    O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
    O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [NDSTray.exe] File not found
    O4 - HKLM..\Run: [PadTouch] File not found
    O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
    O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TFncKy] File not found
    O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
    O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O4 - Startup: C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk = C:\Program Files\PC Security 2011\PC2011.exe ()
    O4 - Startup: C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1270469993890 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
    O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.47,93.188.160.227
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Marion\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marion\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/02/15 09:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\Shell - "" = AutoRun
    O33 - MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
    O33 - MountPoints2\{c2df459c-3fa6-11df-aad8-0018de53802e}\Shell\AutoRun\command - "" = H:\wubi.exe --cdmenu
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/29 09:33:11 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Marion\Desktop\HijackThis.exe
    [2011/01/27 12:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\PC Security 2011
    [2011/01/27 12:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\Uninstall_Security
    [2011/01/27 12:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Start Menu\Programs\PC Security 2011
    [2011/01/27 12:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\PC Security 2011
    [2011/01/27 12:19:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2011/01/27 12:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\Sun
    [2011/01/27 09:52:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Local Settings\Application Data\Chronicles of Albian
    [2011/01/27 09:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WildTangent Games
    [2011/01/22 15:12:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Marion\IECompatCache
    [2011/01/19 04:31:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2011/01/18 16:20:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marion\Desktop\OTL.exe
    [2006/02/15 10:25:00 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
    [6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [276 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\Marion\Desktop\*.tmp files -> C:\Documents and Settings\Marion\Desktop\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/02/08 03:47:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/02/08 03:47:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/02/08 03:47:21 | 1600,180,224 | -HS- | M] () -- C:\hiberfil.sys
    [2011/02/08 03:42:04 | 000,721,199 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\rkill.com
    [2011/01/29 10:07:41 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\yji5rb6m.exe
    [2011/01/29 09:46:12 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\dds.scr
    [2011/01/27 12:20:15 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk
    [2011/01/23 12:01:17 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\Microsoft Office Word 2003.lnk
    [2011/01/22 19:02:09 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Marion\My Documents\Jesus God's SON.doc
    [2011/01/22 15:11:21 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Marion\My Documents\BOWLING STATS.xls
    [2011/01/18 16:21:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marion\Desktop\OTL.exe
    [2011/01/16 15:29:46 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Marion\Desktop\HijackThis.exe
    [2011/01/15 18:58:29 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011/01/13 02:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011/01/13 02:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011/01/13 02:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011/01/13 02:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011/01/13 02:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011/01/13 02:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011/01/13 02:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011/01/13 02:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011/01/13 02:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [276 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\Documents and Settings\Marion\Desktop\*.tmp files -> C:\Documents and Settings\Marion\Desktop\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/02/08 04:15:11 | 000,721,199 | ---- | C] () -- C:\Documents and Settings\Marion\Desktop\rkill.com
    [2011/01/29 10:07:40 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Marion\Desktop\yji5rb6m.exe
    [2011/01/29 09:45:51 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Marion\Desktop\dds.scr
    [2011/01/27 12:20:15 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk
    [2011/01/22 19:02:09 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Marion\My Documents\Jesus God's SON.doc
    [2010/10/30 21:43:49 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2010/06/30 15:00:07 | 000,000,074 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
    [2010/05/30 19:15:43 | 000,007,122 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    [2010/04/04 10:57:41 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Marion\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/03 10:27:46 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Marion\Local Settings\Application Data\fusioncache.dat
    [2010/04/03 10:03:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/05/13 16:56:11 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2006/02/24 22:28:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
    [2006/02/16 09:07:58 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
    [2006/02/16 03:50:52 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/02/16 03:25:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2006/02/16 03:25:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2006/02/16 03:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2006/02/16 03:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2006/02/16 03:25:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2006/02/16 03:25:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2006/02/15 10:41:53 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
    [2006/02/15 10:41:53 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
    [2006/02/15 10:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
    [2006/02/15 10:28:50 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
    [2006/02/15 10:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
    [2006/02/15 10:28:50 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
    [2006/02/15 10:28:50 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
    [2006/02/15 10:25:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
    [2006/02/15 10:21:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2006/02/15 09:44:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/02/15 09:34:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2006/02/15 08:09:00 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/02/15 08:03:57 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_003438_.tmp.dll
    [2006/02/15 08:02:59 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_003470_.tmp.dll
    [2006/02/15 01:30:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2006/02/09 16:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
    [2005/11/28 22:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2005/09/02 16:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
    [2005/08/24 17:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
    [2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2005/07/22 23:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
    [2004/07/20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
    [2004/01/15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
    [2004/01/13 20:46:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll

    ========== LOP Check ==========

    [2010/04/03 09:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/10/30 21:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
    [2006/02/16 03:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2011/01/29 10:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
    [2010/09/04 21:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
    [2010/10/30 21:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\Canneverbe Limited
    [2010/08/29 21:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\InfraRecorder
    [2010/06/30 15:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\MyFamily.com
    [2011/01/27 12:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\PC Security 2011
    [2006/02/16 03:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\toshiba
    [2011/01/27 12:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\Uninstall_Security
    [2010/12/25 08:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marion\Application Data\Watchtower

    ========== Purity Check ==========



    < End of report >

    I don't know how vital the extras file is but let me know what to do now.
    Thank you.
     
  6. imduffy

    imduffy

    Joined:
    Aug 10, 2010
    Messages:
    312
    Hi mwredt,
    Sorry about the delay.
    I have outlined some instructions for you below, if you run into any issues let me know :)

    #Step 1
    Update Java
    Java is out of date and older versions contain vulnerabilities. Please update to the newest version.

    Download the newest version from HERE.

    It's important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
    Go to Start > Control Panel > Software and open Add or Remove Programs.
    Search in the list for all previous installed versions of Java. (J2SE Runtime Environment).
    They will have this icon next to them: [​IMG]
    Select each in turn and click Remove.

    Once old versions are gone, please install the newest version.



    Update Adobe Reader
    You have an older version of Adobe Reader. You can download the current version 'here'



    #Step 2
    Run OTL with a Fix
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O4 - Startup: C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk = C:\Program Files\PC Security 2011\PC2011.exe ()
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.47,93.188.160.227
      [2011/01/27 12:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\PC Security 2011
      [2011/01/27 12:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\Uninstall_Security
      [2011/01/27 12:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Start Menu\Programs\PC Security 2011
      [2011/01/27 12:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\PC Security 2011
      [2011/01/27 12:20:15 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk
      O33 - MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\Shell - "" = AutoRun
      O33 - MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\Shell\AutoRun - "" = Auto&Play
      O33 - MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
      O33 - MountPoints2\{c2df459c-3fa6-11df-aad8-0018de53802e}\Shell\AutoRun\command - "" = H:\wubi.exe --cdmenu
      [6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
      [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
      [276 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [1 C:\Documents and Settings\Marion\Desktop\*.tmp files -> C:\Documents and Settings\Marion\Desktop\*.tmp -> ]
      
      :Commands
      [CreateRestorePoint]
      [EmptyFlash]
      [EmptyTemp]
      
    • Then click the Run Fix button at the top
    • Please post any logs it outputs in your next reply.

    In the event your internet doesn't work after applying this fix please do the following:
    • Press start and click control panel.
    • Open network connections and right click on your primary network adapter and select properties.
    • Select Internet protocol TCP/IP and press properties, ensure that the DNS option is set to "Obtain DNS server address automatically" press ok and exit network connections.
    • Press start and go to run, type in ipconfig /flushdns and press ok.



    #Step 3
    Run TFC
    Download TFC to your desktop.
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish it's job
    • Once its finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean



    #Step 4
    Scanning with MalwareBytes' Anti-Malware
    Please download Malwarebytes' Anti-Malware to your desktop.

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



    #Step 5
    ESET Online Scanner
    I'd like us to scan your machine with ESET Online Scan

    Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the [​IMG] button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on [​IMG] to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the [​IMG] icon on your desktop.
    4. Check [​IMG]
    5. Click the [​IMG] button.
    6. Accept any security warnings from your browser.
    7. Check [​IMG]
    8. Make sure that the option "Remove found threats" is Unchecked
    9. Push the Start button.
    10. ESET will then download updates for itself, install itself, and begin
      scanning your computer. Please be patient as this can take some time.
    11. When the scan completes, push [​IMG]
    12. Push [​IMG], and save the file to your desktop using a unique name, such as
      ESETScan. Include the contents of this report in your next reply.
    13. Push the [​IMG] button.
    14. Push [​IMG]


    #Step 6
    Generate fresh otl logs
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
     
  7. mwredt

    mwredt Thread Starter

    Joined:
    Mar 21, 2005
    Messages:
    634
    Problem: Cannot access the internet so I am using another computer to log this.
    I removed old versions of Java then installed new version. I downloaded and installed an update to Adobe Reader.
    I ran OTL with a fix. I rebooted as instructed and retrieved the OTL log file. Here it is:
    All processes killed
    Error: Unable to interpret <Code:> in the current context!
    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
    File move failed. C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk scheduled to be moved on reboot.
    File C:\Program Files\PC Security 2011\PC2011.exe not found.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer| /E : value set successfully!
    Folder C:\Documents and Settings\Marion\Application Data\PC Security 2011\ not found.
    Folder C:\Documents and Settings\Marion\Application Data\Uninstall_Security\ not found.
    Folder C:\Documents and Settings\Marion\Start Menu\Programs\PC Security 2011\ not found.
    Folder C:\Program Files\PC Security 2011\ not found.
    File C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95c8b156-de9d-11df-ac81-00a0d157ce29}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95c8b156-de9d-11df-ac81-00a0d157ce29}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95c8b156-de9d-11df-ac81-00a0d157ce29}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95c8b156-de9d-11df-ac81-00a0d157ce29}\ not found.
    File H:\LaunchU3.exe -a not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2df459c-3fa6-11df-aad8-0018de53802e}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2df459c-3fa6-11df-aad8-0018de53802e}\ not found.
    File H:\wubi.exe --cdmenu not found.
    File/Folder C:\WINDOWS\Fonts\*.tmp not found.
    File/Folder C:\WINDOWS\*.tmp not found.
    File/Folder C:\WINDOWS\System32\*.tmp not found.
    File/Folder C:\Documents and Settings\Marion\Desktop\*.tmp not found.
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point (0)

    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: Marion
    ->Flash cache emptied: 0 bytes

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Marion
    ->Temp folder emptied: 4324 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 6826043 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 914562 bytes

    Total Files Cleaned = 8.00 mb


    OTL by OldTimer - Version 3.2.20.2 log created on 02122011_175516

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PC2011.lnk not found!
    File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

    Next I downloaded and ran TFC following instructions for this.

    Step 5, I downloaded and ran Malwarebytes' Anti-Malware and here is that log:
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5363

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    2/12/2011 4:42:44 PM
    mbam-log-2011-02-12 (16-42-44).txt

    Scan type: Quick scan
    Objects scanned: 143298
    Time elapsed: 5 minute(s), 12 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 4
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B2DF2D81-59C8-4CB0-9548-45F72D06B1AF}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.164.47,93.188.160.227) Good: () -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FA7D45CE-7E7A-429A-B522-4F5E143591F8}\NameServer (Trojan.DNSChanger) -> Bad: (93.188.164.47,93.188.160.227) Good: () -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\documents and settings\Marion\my documents\downloads\perfectoptimizer.exe (PUP.PerfectOptimizer) -> Quarantined and deleted successfully.

    I could not go to Step 5 because now I am unable to access any internet sites. I cannot connect to the internet. So I tried the steps you listed at the end of Step 2:
    Press start and click control panel.
    Open network connections and right click on your primary network adapter and select properties.
    Select Internet protocol TCP/IP and press properties, ensure that the DNS option is set to "Obtain DNS server address automatically" press ok and exit network connections.
    Press start and to to run, type in ipconfig /flushdns and press ok.

    Now I cannot access the internet so I can run the ESET Online Scanner. I am using Firefox but tried Internet Explorer and could not log on with either one. I am stuck. What do I do not to be able to access the internet?
     
  8. imduffy

    imduffy

    Joined:
    Aug 10, 2010
    Messages:
    312
    Hi mwredt,
    I'm sorry to here you have no internet on this machine, could you please skip step 5 and continue to generate some fresh otl logs and I'll review the situation thanks.

    Generate fresh OTL logs
    • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
     
  9. mwredt

    mwredt Thread Starter

    Joined:
    Mar 21, 2005
    Messages:
    634
    I ran the OTL and am including the OTL.txt file but did not see an Extras.txt file except the one that was generated on 1/18 but I will include that one also.

    OTL logfile created on: 2/13/2011 7:19:39 PM - Run 3
    OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Marion\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 92.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 148.80 Gb Total Space | 114.49 Gb Free Space | 76.94% Space Free | Partition Type: NTFS
    Drive F: | 1.92 Gb Total Space | 1.92 Gb Free Space | 99.99% Space Free | Partition Type: FAT
    Drive G: | 14.92 Gb Total Space | 10.37 Gb Free Space | 69.56% Space Free | Partition Type: FAT32
    Drive H: | 3.61 Gb Total Space | 3.61 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

    Computer Name: CHARLIE | User Name: Marion | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Marion\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
    PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
    PRC - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
    PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
    PRC - C:\Program Files\Synaptics\SynTP\Toshiba.exe (Synaptics, Inc.)
    PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
    PRC - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
    PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
    PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
    PRC - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
    PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation)
    PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
    PRC - C:\TOSHIBA\IVP\ISM\pinger.exe (TOSHIBA Corporation)
    PRC - C:\WINDOWS\system32\TDispVol.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    PRC - C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    PRC - C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
    PRC - C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)


    ========== Modules (SafeList) ==========

    MOD - C:\Documents and Settings\Marion\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
    MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
    MOD - C:\WINDOWS\system32\TDispVol.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (nosGetPlusHelper) getPlus(R) -- File not found
    SRV - (HidServ) -- File not found
    SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
    SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
    SRV - (TAPPSRV) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe (TOSHIBA Corp.)
    SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
    SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
    SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
    SRV - (Swupdtmr) -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe ()
    SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    SRV - (DVD-RAM_Service) -- C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
    DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
    DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
    DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
    DRV - (motport) -- C:\WINDOWS\system32\drivers\motport.sys (Motorola)
    DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
    DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
    DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
    DRV - (w39n51) Intel(R) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)
    DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation)
    DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
    DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
    DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)
    DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
    DRV - (TVALD) -- C:\WINDOWS\system32\drivers\NBSMI.sys (Toshiba Corporation)
    DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
    DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
    DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
    DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
    DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
    DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
    DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
    DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
    DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
    DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)
    DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
    DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
    DRV - (tbiosdrv) -- C:\WINDOWS\system32\drivers\tbiosdrv.sys ()
    DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions)
    DRV - (meiudf) -- C:\WINDOWS\system32\drivers\meiudf.sys (Matsushita Electric Industrial Co.,Ltd.)
    DRV - (KR10N) -- C:\WINDOWS\system32\drivers\KR10N.sys (TOSHIBA CORPORATION)
    DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
    DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
    DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)
    DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windstream.net/wind/portal/index.aspx
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.windstream.net/wind/portal/index.aspx"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
    FF - prefs.js..extensions.enabledItems: [email protected]:1.0


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 08:10:58 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/12 07:59:04 | 000,000,000 | ---D | M]

    [2010/04/03 19:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Extensions
    [2011/02/12 08:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Firefox\Profiles\kgc2vegn.default\extensions
    [2010/04/28 02:45:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Firefox\Profiles\kgc2vegn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/02/12 07:16:29 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Marion\Application Data\Mozilla\Firefox\Profiles\kgc2vegn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2011/02/12 08:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/02/12 07:15:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011/02/12 07:15:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2011/02/12 07:15:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    Hosts file not found
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
    O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
    O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
    O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [NDSTray.exe] File not found
    O4 - HKLM..\Run: [PadTouch] File not found
    O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
    O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TFncKy] File not found
    O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
    O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O4 - Startup: C:\Documents and Settings\Marion\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1270469993890 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Marion\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marion\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/02/15 09:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/02/12 16:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\Malwarebytes
    [2011/02/12 16:26:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011/02/12 16:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/02/12 16:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011/02/12 16:26:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011/02/12 16:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/02/12 16:25:59 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Marion\Desktop\mbam-setup.exe
    [2011/02/12 08:36:29 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marion\Desktop\TFC.exe
    [2011/02/12 08:07:41 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011/02/12 07:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
    [2011/02/12 07:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2011/02/12 07:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
    [2011/02/12 07:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2011/02/12 07:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2011/02/12 07:15:47 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/02/12 07:15:47 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/02/12 07:15:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/02/12 07:15:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/02/12 07:15:47 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011/02/12 07:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2011/01/29 09:33:11 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Marion\Desktop\HijackThis.exe
    [2011/01/27 12:19:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2011/01/27 12:19:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Application Data\Sun
    [2011/01/27 09:52:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marion\Local Settings\Application Data\Chronicles of Albian
    [2011/01/27 09:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WildTangent Games
    [2011/01/22 15:12:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Marion\IECompatCache
    [2011/01/19 04:31:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
    [2011/01/18 16:20:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marion\Desktop\OTL.exe
    [2006/02/15 10:25:00 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

    ========== Files - Modified Within 30 Days ==========

    [2011/02/13 19:16:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/02/13 19:16:34 | 1600,180,224 | -HS- | M] () -- C:\hiberfil.sys
    [2011/02/12 16:26:52 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/02/12 16:07:04 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Marion\Desktop\mbam-setup.exe
    [2011/02/12 08:36:43 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marion\Desktop\TFC.exe
    [2011/02/12 08:04:15 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\Microsoft Office Word 2003.lnk
    [2011/02/12 07:59:05 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2011/02/12 07:15:30 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
    [2011/02/12 07:15:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
    [2011/02/12 07:15:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
    [2011/02/12 07:15:30 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
    [2011/02/12 07:15:29 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
    [2011/02/12 06:56:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/02/08 10:35:20 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\Mem2011.doc
    [2011/02/08 04:47:50 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Marion\My Documents\BOWLING STATS.xls
    [2011/02/08 03:42:04 | 000,721,199 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\rkill.com
    [2011/01/29 10:07:41 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Marion\Desktop\yji5rb6m.exe
    [2011/01/22 19:02:09 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Marion\My Documents\Jesus God's SON.doc
    [2011/01/18 16:21:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marion\Desktop\OTL.exe
    [2011/01/16 15:29:46 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Marion\Desktop\HijackThis.exe
    [2011/01/15 18:58:29 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

    ========== Files Created - No Company Name ==========

    [2011/02/12 16:26:52 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/02/12 07:59:05 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2011/02/08 10:47:14 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Marion\Desktop\Mem2011.doc
    [2011/02/08 04:15:11 | 000,721,199 | ---- | C] () -- C:\Documents and Settings\Marion\Desktop\rkill.com
    [2011/01/29 10:07:40 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Marion\Desktop\yji5rb6m.exe
    [2011/01/22 19:02:09 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Marion\My Documents\Jesus God's SON.doc
    [2010/10/30 21:43:49 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
    [2010/06/30 15:00:07 | 000,000,074 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
    [2010/05/30 19:15:43 | 000,007,122 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
    [2010/04/04 10:57:41 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Marion\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/04/03 10:27:46 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Marion\Local Settings\Application Data\fusioncache.dat
    [2010/04/03 10:03:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/05/13 16:56:11 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2006/02/24 22:28:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
    [2006/02/16 09:07:58 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
    [2006/02/16 03:50:52 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006/02/16 03:25:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2006/02/16 03:25:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2006/02/16 03:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2006/02/16 03:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2006/02/16 03:25:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2006/02/16 03:25:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2006/02/15 10:41:53 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
    [2006/02/15 10:41:53 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
    [2006/02/15 10:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
    [2006/02/15 10:28:50 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
    [2006/02/15 10:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
    [2006/02/15 10:28:50 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
    [2006/02/15 10:28:50 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
    [2006/02/15 10:25:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
    [2006/02/15 10:21:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
    [2006/02/15 09:44:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006/02/15 09:34:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2006/02/15 08:09:00 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
    [2006/02/15 08:03:57 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_003438_.tmp.dll
    [2006/02/15 08:02:59 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_003470_.tmp.dll
    [2006/02/15 01:30:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2006/02/09 16:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
    [2005/11/28 22:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2005/09/02 16:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
    [2005/08/24 17:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
    [2005/08/05 16:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2005/07/22 23:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
    [2004/07/20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
    [2004/01/15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
    [2004/01/13 20:46:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll

    < End of report >

    OTL Extras logfile created on: 1/18/2011 4:22:31 PM - Run 1
    OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Marion\My Documents\Downloads
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 148.80 Gb Total Space | 113.06 Gb Free Space | 75.98% Space Free | Partition Type: NTFS
    Drive E: | 1.91 Gb Total Space | 1.40 Gb Free Space | 73.35% Space Free | Partition Type: FAT32
    Drive F: | 1.92 Gb Total Space | 1.92 Gb Free Space | 99.98% Space Free | Partition Type: FAT
    Drive G: | 14.92 Gb Total Space | 10.37 Gb Free Space | 69.56% Space Free | Partition Type: FAT32

    Computer Name: CHARLIE | User Name: Marion | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 1
    "FirewallDisableNotify" = 1
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine -- (TOSHIBA Corporation)
    "C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon
    "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed
    "C:\Program Files\Common Files\AOL\1140083713\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1140083713\EE\AOLServiceHost.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\1147563008\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1147563008\EE\AOLServiceHost.exe:*:Enabled:AOL
    "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
    "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
    "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
    "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
    "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
    "{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    "{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
    "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
    "{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
    "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
    "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
    "{57729BE1-DE2C-45DB-9FFA-5C1949679B3E}" = Watchtower Library 2010 - English
    "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
    "{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
    "{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
    "{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
    "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
    "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
    "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
    "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
    "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
    "{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
    "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
    "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
    "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
    "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
    "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
    "{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
    "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
    "{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
    "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
    "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
    "{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
    "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
    "{F21B28BF-8A4D-4F1A-A61B-69DD5B4A9BBA}" = Toshiba Media Center Game Console
    "{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}" = Family Tree Maker 2006
    "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
    "{F6C405D2-C50D-4D10-B89E-73A233A14D74}" = Toshiba Registration
    "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "avast5" = avast! Free Antivirus
    "Desktop Dialer" = Desktop Dialer
    "Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
    "Google Desktop" = Google Desktop
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "InfraRecorder" = InfraRecorder
    "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "nLite_is1" = nLite 1.4.9.1
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
    "Picasa2" = Picasa 2
    "Power Saver" = TOSHIBA Power Saver
    "ProInst" = Intel(R) PROSet/Wireless Software
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "QuickTime" = QuickTime
    "RealPlayer 6.0" = RealPlayer Basic
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TOSHIBA Software Modem" = TOSHIBA Software Modem
    "TOSHIBA TV Tuner" = TOSHIBA TV Tuner 4.0.12.73
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/9/2010 6:32:09 AM | Computer Name = CHARLIE | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module comctl32.dll, version 6.0.2900.5512, fault address 0x0004dbd9.

    Error - 8/18/2010 8:01:21 PM | Computer Name = CHARLIE | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module , version 0.0.0.0, fault address 0x00000000.

    Error - 8/18/2010 8:01:56 PM | Computer Name = CHARLIE | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010cce.

    Error - 8/18/2010 8:02:07 PM | Computer Name = CHARLIE | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00010cce.

    Error - 10/30/2010 6:32:20 PM | Computer Name = CHARLIE | Source = Application Error | ID = 1000
    Description = Faulting application wmpenc.exe, version 11.0.5721.5145, faulting
    module ntdll.dll, version 5.1.2600.5755, fault address 0x00011689.

    Error - 10/30/2010 7:42:39 PM | Computer Name = CHARLIE | Source = Application Hang | ID = 1002
    Description = Hanging application RecordNow.exe, version 7.31.21.0, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 12/19/2010 12:44:13 AM | Computer Name = CHARLIE | Source = EventSystem | ID = 4614
    Description = The COM+ Event System detected an inconsistency in its internal state.
    The assertion "GetLastError() == 122L" failed at line 162 of d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
    Please contact Microsoft Product Support Services to report this erro

    [ System Events ]
    Error - 12/14/2010 6:13:25 AM | Computer Name = CHARLIE | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 12/14/2010 6:13:25 AM | Computer Name = CHARLIE | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 12/16/2010 4:54:02 AM | Computer Name = CHARLIE | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 12/16/2010 4:54:02 AM | Computer Name = CHARLIE | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 12/22/2010 6:22:05 AM | Computer Name = CHARLIE | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 12/22/2010 6:22:05 AM | Computer Name = CHARLIE | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 1/5/2011 6:54:46 PM | Computer Name = CHARLIE | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 1/5/2011 6:54:46 PM | Computer Name = CHARLIE | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.

    Error - 1/10/2011 7:09:46 PM | Computer Name = CHARLIE | Source = W32Time | ID = 39452689
    Description = Time Provider NtpClient: An error occurred during DNS lookup of the
    manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
    again in 15 minutes. The error was: A socket operation was attempted to an unreachable
    host. (0x80072751)

    Error - 1/10/2011 7:09:46 PM | Computer Name = CHARLIE | Source = W32Time | ID = 39452701
    Description = The time provider NtpClient is configured to acquire time from one
    or more time sources, however none of the sources are currently accessible. No attempt
    to contact a source will be made for 14 minutes. NtpClient has no source of accurate
    time.


    < End of report >
     
  10. imduffy

    imduffy

    Joined:
    Aug 10, 2010
    Messages:
    312
    Hi mwredt,
    Not seeing to much in your logs, However I want you to try the instructions below to see if it will restore your connectivity :)

    Download WinsockFix http://www.greyknight17.com/spy/WinsockFix.zip and unzip it. Then double click on WinsockFix.exe to run it and press fix.
     
  11. mwredt

    mwredt Thread Starter

    Joined:
    Mar 21, 2005
    Messages:
    634
    Yes, this solved my connection problem. I now have internet access and am not getting anymore alerts from PC 2011. It took a while but you did it. Thank you very much.
     
  12. imduffy

    imduffy

    Joined:
    Aug 10, 2010
    Messages:
    312
    Hi mwredt,

    Everything appears to be clean :)
    If you have any more issues or you feel there is something I have missed let me know.
    I'm sorry this has taken so long to complete.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


    Recommendations

    Alternative Anti-Virus Programs

    This is one of the most recommended things. Using a real time anti-virus can help prevent infection caused by user miss-use. My personal prefrence is avast

    The following anti-virus software is also recommended by the community:
    Update your anti-virus software

    Using your anti-virus program without it being updated in some cases is more dangerous than using no anti-virus as it creates a sense of false security. Please up date it regularly

    Install a firewall

    This is one step highly recommended in the malware industry; personally I don't see a need for it on a home user level.In this day and age most of us are running a router which has a build in firewall which will block incoming connections which should be enough.

    If you are worried about monitoring outgoing connections on your machine feel free to install a software based firewall(windows vista and windows 7 already have an outbound firewall built in) I recommend Comodo firewall which is freely downloadable from their website http://www.comodo.com/home/download/...?prod=firewall
    Others in the community also recommend the following:


    Be Smart!

    This is probably one of the most important things. Most infections these days are due to user fault I can’t stress how important it is to be cautions when browsing the internet.
    • Watch what you download
      • A lot of freeware programs come bundled with ad-ware that will slow down your machine and cause general hassle. Watch out for pre-checked options such as toolbars that are not required when installing software
      • Avoid Peer-to-peer programs such as kazza, limewire, iMesh etc. Peer-to-peer content in my experiences is greatly infected and usually the cause of infection on clients machines.
      Always be wary of files with the extensions of .exe, .pif, .com and .bat
      If you are ever unsure about content you have downloaded feel free to scan it online for free:
      http://virscan.org/
    • If you visit a site and a popup appears saying that your computer is unsafe, ignore it! These are gimmicks which result in you installing a rogue anti-virus and possibly passing on credit-card details
    • Avoid using warez and cracks they are generally loaded with dangerous content
    Spring Cleaning

    TFC - Temp File Cleaner by OldTimer - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders

    Auslogics Disc Defrag or JKDefrag - Two good disc defragmenters for you to choose from.
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Security 2011 Security
  1. parman
    Replies:
    1
    Views:
    339
  2. crsaj
    Replies:
    3
    Views:
    693
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/977716

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice