GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-06-06 14:11:38 Windows 5.1.2600 Service Pack 2 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-17 ST380013AS rev.3.43 Running: zot1m262[1].exe; Driver: C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\fxlyipob.sys ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\RunDLL32.exe[132] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00A0D9C0; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00A0D97F; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00A01C2A; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00A0F157; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00A0C6A9; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00A0C6F9; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00A0C60A; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 009FAF90; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 009FB02A; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 009FAC8C; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00A01C6A; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 009FAEC2; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00A0C4DC; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00A0C4AA; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 00A0C5BA; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00A01CFD; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00A0C724; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 009FACD2; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 009FAF0B; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, A0] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 009FAFDD; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 009FB07C; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 009FAD18; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 009FAD5E; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 009FADA4; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 009FAE36; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, 9F] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, 9F] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00A0C6D1; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00A0F2CD; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 009FADED; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 009FAE7C; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00A0C523; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00A0DA3D; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00A0DA26; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00A03310; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00A03737; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00A032A0; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00A03758; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\WINDOWS\system32\RunDLL32.exe[132] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00A036FF; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 009FEF08; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 009FC246; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 009FC4FE; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 009FC2D9; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 009FC69E; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 009FC56B; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 009FC672; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 009FC32E; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 009FC208; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 009FC618; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 009FC599; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 009FC284; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 009FC3CB; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C3009FC4; RET .text C:\WINDOWS\system32\RunDLL32.exe[132] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 009FC4B3; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 008ED9C0; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 008ED97F; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 008E1C2A; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 008EF157; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 008EC6A9; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 008EC6F9; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 008EC60A; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 008DAF90; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 008DB02A; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 008DAC8C; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 008E1C6A; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 008DAEC2; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 008EC4DC; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 008EC4AA; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 008EC5BA; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 008E1CFD; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 008EC724; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 008DACD2; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 008DAF0B; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, 8E] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 008DAFDD; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 008DB07C; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 008DAD18; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 008DAD5E; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 008DADA4; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 008DAE36; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, 8D] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, 8D] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 008EC6D1; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 008EF2CD; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 008DADED; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 008DAE7C; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 008EC523; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 008EDA3D; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 008EDA26; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 008E3310; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WS2_32.dll!send 71A3428A 6 Bytes PUSH 008E3737; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 008E32A0; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 008E3758; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 008E36FF; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 008DEF08; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 008DC246; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 008DC4FE; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 008DC2D9; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 008DC69E; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 008DC56B; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 008DC672; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 008DC32E; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 008DC208; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 008DC618; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 008DC599; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 008DC284; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 008DC3CB; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C3008DC4; RET .text C:\Programmi\HP\HP Software Update\HPWuSchd2.exe[160] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 008DC4B3; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00D9D9C0; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00D9D97F; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00D91C2A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00D9F157; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00D9C6A9; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00D9C6F9; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00D9C60A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 00D8AF90; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 00D8B02A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 00D8AC8C; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00D91C6A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 00D8AEC2; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00D9C4DC; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00D9C4AA; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 00D9C5BA; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00D91CFD; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00D9C724; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefWindowProcA 77D1DF6B 3 Bytes [68, D2, AC] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefWindowProcA + 4 77D1DF6F 2 Bytes [00, C3] {ADD BL, AL} .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 00D8AF0B; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, D9] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 00D8AFDD; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 00D8B07C; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 00D8AD18; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 00D8AD5E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 00D8ADA4; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 00D8AE36; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, D8] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, D8] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00D9C6D1; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00D9F2CD; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 00D8ADED; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 00D8AE7C; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00D9C523; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00D9DA3D; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00D9DA26; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00D93310; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00D93737; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00D932A0; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00D93758; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00D936FF; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 00D8C246; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 00D8C4FE; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 00D8C2D9; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 00D8C69E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 00D8C56B; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 00D8C672; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 00D8C32E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 00D8C208; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 00D8C618; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 00D8C599; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 00D8C284; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 00D8C3CB; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C300D8C4; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 00D8C4B3; RET .text C:\Programmi\File comuni\Ahead\Lib\NMBgMonitor.exe[188] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 00D8EF08; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, 9D] {PUSH EDI; XLATB ; POPF } .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 009DD9C0; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 009DD97F; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 009DDA3D; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 009DDA26; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 009D1C2A; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 009DF157; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 009DC6A9; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 009DC6F9; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 009DC60A; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 009CAF90; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 009CB02A; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 009CAC8C; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 009D1C6A; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 009CAEC2; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 009DC4DC; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 009DC4AA; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 009DC5BA; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 009D1CFD; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 009DC724; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 009CACD2; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 009CAF0B; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, 9D] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 009CAFDD; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 009CB07C; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 009CAD18; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 009CAD5E; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 009CADA4; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 009CAE36; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, 9C] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, 9C] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 009DC6D1; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 009DF2CD; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 009CADED; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 009CAE7C; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 009DC523; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 009D3310; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WS2_32.dll!send 71A3428A 6 Bytes PUSH 009D3737; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 009D32A0; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 009D3758; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 009D36FF; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 009CC246; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 009CC4FE; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 009CC2D9; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 009CC69E; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 009CC56B; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 009CC672; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 009CC32E; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 009CC208; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 009CC618; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 009CC599; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 009CC284; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 009CC3CB; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C3009CC4; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 009CC4B3; RET .text C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[208] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 009CEF08; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 0124D576; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 24, 01, C3] {PUSH EDI; XLATB ; AND AL, 0x1; RET } .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0124D9C0; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0124D97F; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 01241C2A; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetDC 77D18697 6 Bytes PUSH 01241BAC; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0124F157; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 01241BEB; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0124C6A9; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0124C6F9; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0124C60A; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 0123AF90; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 0123B02A; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 0123AC8C; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 01241AA1; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 01241B11; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 01241C6A; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 0123AEC2; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0124C4DC; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0124C4AA; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 0124C560; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0124C5BA; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 01241CFD; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0124C724; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 0123ACD2; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 0123AF0B; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 01241B51; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 0123AFDD; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 0123B07C; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 0123AD18; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 0123AD5E; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 0123ADA4; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 0123AE36; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 0123AC1E; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 0123AC6E; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0124C6D1; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0124F2CD; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 0123ADED; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 0123AE7C; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0124C523; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0124DA3D; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0124DA26; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 0123EF08; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 01243310; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WS2_32.dll!send 71A3428A 6 Bytes PUSH 01243737; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 012432A0; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 01243758; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 012436FF; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 0123C246; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 0123C4FE; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 0123C2D9; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 0123C69E; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 0123C56B; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 0123C672; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 0123C32E; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 0123C208; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 0123C618; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 0123C599; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 0123C284; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 0123C3CB; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C30123C4; RET .text C:\Programmi\Creative\Shared Files\CamTray.exe[232] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 0123C4B3; RET .text C:\Programmi\ipla\ipla.exe[248] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 0295D576; RET .text C:\Programmi\ipla\ipla.exe[248] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 95, 02, C3] {PUSH EDI; XLATB ; XCHG EBP, EAX; ADD AL, BL} .text C:\Programmi\ipla\ipla.exe[248] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0295D9C0; RET .text C:\Programmi\ipla\ipla.exe[248] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0295D97F; RET .text C:\Programmi\ipla\ipla.exe[248] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 02953310; RET .text C:\Programmi\ipla\ipla.exe[248] WS2_32.dll!send 71A3428A 6 Bytes PUSH 02953737; RET .text C:\Programmi\ipla\ipla.exe[248] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 029532A0; RET .text C:\Programmi\ipla\ipla.exe[248] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 02953758; RET .text C:\Programmi\ipla\ipla.exe[248] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\ipla\ipla.exe[248] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 029536FF; RET .text C:\Programmi\ipla\ipla.exe[248] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0295DA3D; RET .text C:\Programmi\ipla\ipla.exe[248] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0295DA26; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 02951C2A; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetDC 77D18697 6 Bytes PUSH 02951BAC; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0295F157; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 02951BEB; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0295C6A9; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0295C6F9; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0295C60A; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 0294AF90; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 0294B02A; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 0294AC8C; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 02951AA1; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 02951B11; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 02951C6A; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 0294AEC2; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0295C4DC; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0295C4AA; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 0295C560; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0295C5BA; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 02951CFD; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0295C724; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 0294ACD2; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 0294AF0B; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 02951B51; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 0294AFDD; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 0294B07C; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 0294AD18; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 0294AD5E; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 0294ADA4; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 0294AE36; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 0294AC1E; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 0294AC6E; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0295C6D1; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0295F2CD; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 0294ADED; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 0294AE7C; RET .text C:\Programmi\ipla\ipla.exe[248] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0295C523; RET .text C:\Programmi\ipla\ipla.exe[248] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 0294EF08; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 0294C246; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 0294C4FE; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 0294C2D9; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 0294C69E; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!InternetReadFile 77199555 6 Bytes PUSH 0294C56B; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 0294C672; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 0294C32E; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 0294C208; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 0294C618; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 0294C599; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 0294C284; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 0294C3CB; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C30294C4; RET .text C:\Programmi\ipla\ipla.exe[248] wininet.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 0294C4B3; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 0222D576; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 22, 02, C3] {PUSH EDI; XLATB ; AND AL, [EDX]; RET } .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0222D9C0; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0222D97F; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 02221C2A; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetDC 77D18697 6 Bytes PUSH 02221BAC; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0222F157; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 02221BEB; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0222C6A9; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0222C6F9; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0222C60A; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 0221AF90; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 0221B02A; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 0221AC8C; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 02221AA1; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 02221B11; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 02221C6A; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 0221AEC2; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0222C4DC; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0222C4AA; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 0222C560; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0222C5BA; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 02221CFD; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0222C724; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 0221ACD2; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 0221AF0B; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 02221B51; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 0221AFDD; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 0221B07C; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 0221AD18; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 0221AD5E; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 0221ADA4; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 0221AE36; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 0221AC1E; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 0221AC6E; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0222C6D1; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0222F2CD; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 0221ADED; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 0221AE7C; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0222C523; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0222DA3D; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0222DA26; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 02223310; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WS2_32.dll!send 71A3428A 6 Bytes PUSH 02223737; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 022232A0; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 02223758; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 022236FF; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 0221C246; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 0221C4FE; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 0221C2D9; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 0221C69E; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 0221C56B; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 0221C672; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 0221C32E; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 0221C208; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 0221C618; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 0221C599; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 0221C284; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 0221C3CB; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C30221C4; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 0221C4B3; RET .text C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe[256] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 0221EF08; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00B3D9C0; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00B3D97F; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00B3DA3D; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00B3DA26; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00B31C2A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00B3F157; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00B3C6A9; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00B3C6F9; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00B3C60A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 00B2AF90; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 00B2B02A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 00B2AC8C; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00B31C6A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 00B2AEC2; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00B3C4DC; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00B3C4AA; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 00B3C5BA; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00B31CFD; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00B3C724; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 00B2ACD2; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 00B2AF0B; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, B3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 00B2AFDD; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 00B2B07C; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 00B2AD18; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 00B2AD5E; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 00B2ADA4; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 00B2AE36; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, B2] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, B2] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00B3C6D1; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00B3F2CD; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 00B2ADED; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 00B2AE7C; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00B3C523; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00B33310; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00B33737; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00B332A0; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00B33758; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00B336FF; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 00B2EF08; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 00B2C246; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 00B2C4FE; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 00B2C2D9; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 00B2C69E; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 00B2C56B; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 00B2C672; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 00B2C32E; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 00B2C208; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 00B2C618; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 00B2C599; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 00B2C284; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 00B2C3CB; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C300B2C4; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe[440] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 00B2C4B3; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 063CD576; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 3C, 06, C3] {PUSH EDI; XLATB ; CMP AL, 0x6; RET } .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 063CD9C0; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 063CD97F; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 063C3310; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WS2_32.dll!send 71A3428A 6 Bytes PUSH 063C3737; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 063C32A0; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 063C3758; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 063C36FF; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 063CDA3D; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 063CDA26; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 063C1C2A; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetDC 77D18697 6 Bytes PUSH 063C1BAC; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 063CF157; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 063C1BEB; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 063CC6A9; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 063CC6F9; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 063CC60A; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 063BAF90; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 063BB02A; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 063BAC8C; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 063C1AA1; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 063C1B11; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 063C1C6A; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 063BAEC2; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 063CC4DC; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 063CC4AA; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 063CC560; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 063CC5BA; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 063C1CFD; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 063CC724; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 063BACD2; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 063BAF0B; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 063C1B51; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 063BAFDD; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 063BB07C; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 063BAD18; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 063BAD5E; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 063BADA4; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 063BAE36; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 063BAC1E; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 063BAC6E; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 063CC6D1; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 063CF2CD; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 063BADED; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 063BAE7C; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 063CC523; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 063BC246; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 063BC4FE; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 063BC2D9; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 063BC69E; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 063BC56B; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 063BC672; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 063BC32E; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 063BC208; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 063BC618; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 063BC599; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 063BC284; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 063BC3CB; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C3063BC4; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 063BC4B3; RET .text C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe[452] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 063BEF08; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 0125D576; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 25, 01, C3] .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0125D9C0; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0125D97F; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 01251C2A; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetDC 77D18697 6 Bytes PUSH 01251BAC; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0125F157; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 01251BEB; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0125C6A9; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0125C6F9; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0125C60A; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 0124AF90; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 0124B02A; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 0124AC8C; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 01251AA1; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 01251B11; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 01251C6A; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 0124AEC2; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0125C4DC; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0125C4AA; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 0125C560; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0125C5BA; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 01251CFD; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0125C724; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 0124ACD2; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 0124AF0B; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 01251B51; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 0124AFDD; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 0124B07C; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 0124AD18; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 0124AD5E; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 0124ADA4; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 0124AE36; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 0124AC1E; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 0124AC6E; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0125C6D1; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0125F2CD; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 0124ADED; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 0124AE7C; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0125C523; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0125DA3D; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0125DA26; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 01253310; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WS2_32.dll!send 71A3428A 6 Bytes PUSH 01253737; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 012532A0; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 01253758; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 012536FF; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 0124C246; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 0124C4FE; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 0124C2D9; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 0124C69E; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 0124C56B; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 0124C672; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 0124C32E; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 0124C208; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 0124C618; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 0124C599; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 0124C284; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 0124C3CB; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C30124C4; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 0124C4B3; RET .text C:\Programmi\Uniblue\DriverScanner\driverscanner.exe[480] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 0124EF08; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, A4] {PUSH EDI; XLATB ; MOVSB } .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00A4D9C0; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00A4D97F; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00A41C2A; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00A4F157; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00A4C6A9; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00A4C6F9; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00A4C60A; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 00A3AF90; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 00A3B02A; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 00A3AC8C; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00A41C6A; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 00A3AEC2; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00A4C4DC; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00A4C4AA; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 00A4C5BA; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00A41CFD; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00A4C724; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 00A3ACD2; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 00A3AF0B; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, A4] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 00A3AFDD; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 00A3B07C; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 00A3AD18; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 00A3AD5E; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 00A3ADA4; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 00A3AE36; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, A3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, A3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00A4C6D1; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00A4F2CD; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 00A3ADED; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 00A3AE7C; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00A4C523; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00A4DA3D; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00A4DA26; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 00A3C246; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 00A3C4FE; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 00A3C2D9; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 00A3C69E; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!InternetReadFile 77199555 6 Bytes PUSH 00A3C56B; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 00A3C672; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 00A3C32E; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 00A3C208; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 00A3C618; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 00A3C599; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 00A3C284; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 00A3C3CB; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C300A3C4; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] wininet.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 00A3C4B3; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 00A3EF08; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00A43310; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00A43737; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00A432A0; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00A43758; RET .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\File comuni\Sonic Shared\CineTray.exe[516] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00A436FF; RET .text C:\WINDOWS\System32\svchost.exe[1108] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes JMP 01939DD2 .text C:\WINDOWS\System32\svchost.exe[1108] NETAPI32.dll!NetpwPathCanonicalize 5BC7A259 5 Bytes JMP 01939D72 .text C:\WINDOWS\system32\svchost.exe[1200] ntdll.dll!NtQueryInformationProcess 7C91E01B 5 Bytes JMP 00879DD2 .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0014D9C0; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0014D97F; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00141C2A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0014F157; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0014C6A9; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0014C6F9; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0014C60A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 0013AF90; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 0013B02A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 0013AC8C; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00141C6A; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 0013AEC2; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0014C4DC; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0014C4AA; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0014C5BA; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00141CFD; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0014C724; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 0013ACD2; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 0013AF0B; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, 14] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 0013AFDD; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 0013B07C; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 0013AD18; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 0013AD5E; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 0013ADA4; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 0013AE36; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, 13] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, 13] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0014C6D1; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0014F2CD; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 0013ADED; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 0013AE7C; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0014C523; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0014DA3D; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0014DA26; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00143310; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00143737; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 001432A0; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00143758; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 001436FF; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 0013EF08; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 0013C246; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 0013C4FE; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 0013C2D9; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 0013C69E; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 0013C56B; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 0013C672; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 0013C32E; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 0013C208; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 0013C618; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 0013C599; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 0013C284; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 0013C3CB; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C30013C4; RET .text C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe[1324] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 0013C4B3; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 0110D576; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 10, 01, C3] {PUSH EDI; XLATB ; ADC [ECX], AL; RET } .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0110D9C0; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0110D97F; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 01101C2A; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetDC 77D18697 6 Bytes PUSH 01101BAC; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0110F157; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 01101BEB; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0110C6A9; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0110C6F9; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0110C60A; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 010FAF90; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 010FB02A; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 010FAC8C; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 01101AA1; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 01101B11; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 01101C6A; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 010FAEC2; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0110C4DC; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0110C4AA; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 0110C560; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0110C5BA; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 01101CFD; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0110C724; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 010FACD2; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 010FAF0B; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 01101B51; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 010FAFDD; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 010FB07C; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 010FAD18; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 010FAD5E; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 010FADA4; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 010FAE36; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 010FAC1E; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 010FAC6E; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0110C6D1; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0110F2CD; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 010FADED; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 010FAE7C; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0110C523; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0110DA3D; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0110DA26; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 01103310; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WS2_32.dll!send 71A3428A 6 Bytes PUSH 01103737; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 011032A0; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 01103758; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 011036FF; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 010FEF08; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 010FC246; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 010FC4FE; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 010FC2D9; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 010FC69E; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 010FC56B; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 010FC672; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 010FC32E; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 010FC208; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 010FC618; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 010FC599; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 010FC284; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 010FC3CB; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C3010FC4; RET .text C:\Programmi\Uniblue\DriverScanner\dsmonitor.exe[1748] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 010FC4B3; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00C8D9C0; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00C8D97F; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00C81C2A; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00C8F157; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00C8C6A9; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00C8C6F9; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00C8C60A; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 00C7AF90; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 00C7B02A; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 00C7AC8C; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00C81C6A; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 00C7AEC2; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00C8C4DC; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00C8C4AA; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 00C8C5BA; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00C81CFD; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00C8C724; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 00C7ACD2; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 00C7AF0B; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, C8] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 00C7AFDD; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 00C7B07C; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 00C7AD18; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 00C7AD5E; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 00C7ADA4; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 00C7AE36; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, C7] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, C7] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00C8C6D1; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00C8F2CD; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 00C7ADED; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 00C7AE7C; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00C8C523; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00C8DA3D; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00C8DA26; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00C83310; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00C83737; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00C832A0; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00C83758; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\WINDOWS\system32\hkcmd.exe[1860] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00C836FF; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 00C7EF08; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 00C7C246; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 00C7C4FE; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 00C7C2D9; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 00C7C69E; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 00C7C56B; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 00C7C672; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 00C7C32E; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 00C7C208; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 00C7C618; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 00C7C599; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 00C7C284; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 00C7C3CB; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C300C7C4; RET .text C:\WINDOWS\system32\hkcmd.exe[1860] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 00C7C4B3; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, CF] {PUSH EDI; XLATB ; IRET } .text C:\WINDOWS\system32\igfxpers.exe[1868] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00CFD9C0; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00CFD97F; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00CF1C2A; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00CFF157; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00CFC6A9; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00CFC6F9; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00CFC60A; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 00CEAF90; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 00CEB02A; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 00CEAC8C; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00CF1C6A; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 00CEAEC2; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00CFC4DC; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00CFC4AA; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!ReleaseCapture 77D1C9A4 3 Bytes [68, BA, C5] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!ReleaseCapture + 4 77D1C9A8 2 Bytes [00, C3] {ADD BL, AL} .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00CF1CFD; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00CFC724; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 00CEACD2; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 00CEAF0B; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, CF] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 00CEAFDD; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 00CEB07C; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 00CEAD18; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 00CEAD5E; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 00CEADA4; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 00CEAE36; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, CE] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, CE] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00CFC6D1; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00CFF2CD; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 00CEADED; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 00CEAE7C; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00CFC523; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00CFDA3D; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00CFDA26; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00CF3310; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00CF3737; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00CF32A0; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00CF3758; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\WINDOWS\system32\igfxpers.exe[1868] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00CF36FF; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 00CEEF08; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 00CEC246; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 00CEC4FE; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 00CEC2D9; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 00CEC69E; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 00CEC56B; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 00CEC672; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 00CEC32E; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 00CEC208; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 00CEC618; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 00CEC599; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 00CEC284; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 00CEC3CB; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C300CEC4; RET .text C:\WINDOWS\system32\igfxpers.exe[1868] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 00CEC4B3; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 02C7D576; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, C7, 02, C3] .text C:\WINDOWS\RTHDCPL.EXE[1928] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 02C7D9C0; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 02C7D97F; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 02C71C2A; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetDC 77D18697 6 Bytes PUSH 02C71BAC; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 02C7F157; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 02C71BEB; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 02C7C6A9; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 02C7C6F9; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 02C7C60A; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 02C6AF90; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 02C6B02A; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 02C6AC8C; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 02C71AA1; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 02C71B11; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 02C71C6A; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 02C6AEC2; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 02C7C4DC; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 02C7C4AA; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 02C7C560; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 02C7C5BA; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 02C71CFD; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 02C7C724; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 02C6ACD2; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 02C6AF0B; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 02C71B51; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 02C6AFDD; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 02C6B07C; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 02C6AD18; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 02C6AD5E; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 02C6ADA4; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 02C6AE36; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 02C6AC1E; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 02C6AC6E; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 02C7C6D1; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 02C7F2CD; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 02C6ADED; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 02C6AE7C; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 02C7C523; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 02C7DA3D; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 02C7DA26; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 02C6EF08; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 02C73310; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WS2_32.dll!send 71A3428A 6 Bytes PUSH 02C73737; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 02C732A0; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 02C73758; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\WINDOWS\RTHDCPL.EXE[1928] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 02C736FF; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 02C6C246; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 02C6C4FE; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 02C6C2D9; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 02C6C69E; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 02C6C56B; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 02C6C672; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 02C6C32E; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 02C6C208; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 02C6C618; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 02C6C599; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 02C6C284; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 02C6C3CB; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C302C6C4; RET .text C:\WINDOWS\RTHDCPL.EXE[1928] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 02C6C4B3; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] ntdll.dll!NtCreateThread 7C91D7D2 4 Bytes [68, 76, D5, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] ntdll.dll!NtCreateThread + 5 7C91D7D7 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] ntdll.dll!LdrLoadDll + 1 7C9261CB 3 Bytes [57, D7, AC] {PUSH EDI; XLATB ; LODSB } .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] ntdll.dll!LdrLoadDll + 5 7C9261CF 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 00ACD9C0; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 00ACD97F; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 00AC1C2A; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetDC 77D18697 4 Bytes [68, AC, 1B, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetDC + 5 77D1869C 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 00ACF157; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetWindowDC 77D18FF9 4 Bytes [68, EB, 1B, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetWindowDC + 5 77D18FFE 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 00ACC6A9; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 00ACC6F9; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 00ACC60A; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 00ABAF90; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 00ABB02A; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 00ABAC8C; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!BeginPaint 77D1B4B1 4 Bytes [68, A1, 1A, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!BeginPaint + 5 77D1B4B6 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!EndPaint 77D1B4C5 4 Bytes [68, 11, 1B, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!EndPaint + 5 77D1B4CA 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 00AC1C6A; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 00ABAEC2; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 00ACC4DC; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 00ACC4AA; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!SetCapture 77D1C988 4 Bytes [68, 60, C5, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!SetCapture + 5 77D1C98D 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 00ACC5BA; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 00AC1CFD; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 00ACC724; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 00ABACD2; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 00ABAF0B; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetDCEx 77D1F21D 4 Bytes [68, 51, 1B, AC] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetDCEx + 5 77D1F222 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 00ABAFDD; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 00ABB07C; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 00ABAD18; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 00ABAD5E; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 00ABADA4; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 00ABAE36; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!OpenInputDesktop 77D36607 4 Bytes [68, 1E, AC, AB] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!OpenInputDesktop + 5 77D3660C 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!SwitchDesktop 77D379A3 4 Bytes [68, 6E, AC, AB] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!SwitchDesktop + 5 77D379A8 1 Byte [C3] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 00ACC6D1; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 00ACF2CD; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 00ABADED; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 00ABAE7C; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 00ACC523; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 00ACDA3D; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 00ACDA26; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 00AC3310; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WS2_32.dll!send 71A3428A 6 Bytes PUSH 00AC3737; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 00AC32A0; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 00AC3758; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 00AC36FF; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 00ABEF08; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 00ABC246; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 00ABC4FE; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 00ABC2D9; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 00ABC69E; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 00ABC56B; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 00ABC672; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 00ABC32E; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 00ABC208; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 00ABC618; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 00ABC599; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 00ABC284; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 00ABC3CB; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C300ABC4; RET .text C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE[1960] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 00ABC4B3; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] ntdll.dll!NtCreateThread 7C91D7D2 6 Bytes PUSH 0126D576; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] ntdll.dll!LdrLoadDll + 1 7C9261CB 5 Bytes [57, D7, 26, 01, C3] .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] kernel32.dll!GetFileAttributesExW 7C81130D 6 Bytes PUSH 0126D9C0; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] kernel32.dll!ExitProcess 7C81CAA2 6 Bytes PUSH 0126D97F; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] ADVAPI32.dll!CreateProcessAsUserW 77F67775 6 Bytes PUSH 0126DA3D; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] ADVAPI32.dll!CreateProcessAsUserA 77F80958 6 Bytes PUSH 0126DA26; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!ReleaseDC 77D1866D 6 Bytes PUSH 01261C2A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetDC 77D18697 6 Bytes PUSH 01261BAC; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!TranslateMessage 77D18BCE 6 Bytes PUSH 0126F157; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetWindowDC 77D18FF9 6 Bytes PUSH 01261BEB; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetMessageW 77D191A3 6 Bytes PUSH 0126C6A9; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!PeekMessageW 77D19278 6 Bytes PUSH 0126C6F9; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetCapture 77D194FF 6 Bytes PUSH 0126C60A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!RegisterClassW 77D1A5EC 6 Bytes PUSH 0125AF90; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!RegisterClassExW 77D1AE29 6 Bytes PUSH 0125B02A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefWindowProcW 77D1B1E5 6 Bytes PUSH 0125AC8C; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!BeginPaint 77D1B4B1 6 Bytes PUSH 01261AA1; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!EndPaint 77D1B4C5 6 Bytes PUSH 01261B11; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetUpdateRect 77D1BCEC 6 Bytes PUSH 01261C6A; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!CallWindowProcW 77D1C019 6 Bytes PUSH 0125AEC2; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetCursorPos 77D1C566 6 Bytes PUSH 0126C4DC; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetMessagePos 77D1C6E4 6 Bytes PUSH 0126C4AA; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!SetCapture 77D1C988 6 Bytes PUSH 0126C560; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!ReleaseCapture 77D1C9A4 6 Bytes PUSH 0126C5BA; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetUpdateRgn 77D1CE3B 6 Bytes PUSH 01261CFD; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!PeekMessageA 77D1CEFD 6 Bytes PUSH 0126C724; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefWindowProcA 77D1DF6B 6 Bytes PUSH 0125ACD2; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!CallWindowProcA 77D1E34B 6 Bytes PUSH 0125AF0B; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetDCEx 77D1F21D 6 Bytes PUSH 01261B51; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!RegisterClassA 77D22316 6 Bytes PUSH 0125AFDD; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!RegisterClassExA 77D24315 6 Bytes PUSH 0125B07C; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefDlgProcW 77D24CFA 6 Bytes PUSH 0125AD18; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefDlgProcA 77D2759D 6 Bytes PUSH 0125AD5E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefFrameProcW 77D3430C 6 Bytes PUSH 0125ADA4; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefMDIChildProcW 77D34520 6 Bytes PUSH 0125AE36; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!OpenInputDesktop 77D36607 6 Bytes PUSH 0125AC1E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!SwitchDesktop 77D379A3 6 Bytes PUSH 0125AC6E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetMessageA 77D3EA45 6 Bytes PUSH 0126C6D1; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!GetClipboardData 77D3FCB2 6 Bytes PUSH 0126F2CD; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefFrameProcA 77D4F685 6 Bytes PUSH 0125ADED; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!DefMDIChildProcA 77D4F6D4 6 Bytes PUSH 0125AE7C; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] USER32.dll!SetCursorPos 77D55E8C 6 Bytes PUSH 0126C523; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WS2_32.dll!getaddrinfo 71A32A6F 6 Bytes PUSH 01263310; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WS2_32.dll!send 71A3428A 6 Bytes PUSH 01263737; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WS2_32.dll!gethostbyname 71A34FD4 6 Bytes PUSH 012632A0; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WS2_32.dll!WSASend 71A36233 6 Bytes PUSH 01263758; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WS2_32.dll!closesocket 71A39639 1 Byte [68] .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WS2_32.dll!closesocket 71A39639 6 Bytes PUSH 012636FF; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] CRYPT32.dll!PFXImportCertStore 77ABF748 6 Bytes PUSH 0125EF08; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpOpenRequestA 77194AC5 6 Bytes PUSH 0125C246; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!InternetCloseHandle 771961DC 6 Bytes PUSH 0125C4FE; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpSendRequestA 771976B8 6 Bytes PUSH 0125C2D9; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpQueryInfoA 77198C6A 6 Bytes PUSH 0125C69E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!InternetReadFile 77199555 6 Bytes PUSH 0125C56B; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!InternetQueryDataAvailable 771A325F 6 Bytes PUSH 0125C672; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpSendRequestExW 771A53EB 6 Bytes PUSH 0125C32E; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpOpenRequestW 771A6345 6 Bytes PUSH 0125C208; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!InternetSetFilePointer 771C71A5 6 Bytes PUSH 0125C618; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!InternetReadFileExA 771C7E9A 6 Bytes PUSH 0125C599; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpSendRequestW 771E1808 6 Bytes PUSH 0125C284; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpSendRequestExA 771E190D 6 Bytes PUSH 0125C3CB; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpEndRequestA 771E1973 6 Bytes PUSH C30125C4; RET .text C:\Programmi\File comuni\Ahead\Lib\NMIndexStoreSvr.exe[3112] WININET.dll!HttpEndRequestW 771E19A5 6 Bytes PUSH 0125C4B3; RET ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@DisplayName System Monitor Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@Type 32 Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@Start 2 Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@ErrorControl 0 Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@ObjectName LocalSystem Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva@Description Effettua il monitoraggio delle impostazioni e delle configurazioni di protezione del computer. Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva\Parameters (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\zskbdrva\Parameters@ServiceDll C:\WINDOWS\system32\ovbxua.dll Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@RequireSignedAppInit_DLLs 1 ---- EOF - GMER 1.0.15 ----