GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2011-02-05 12:33:06 Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD3200BEVT-22ZCT0 rev.11.01A11 Running: pxbjmxcp.exe; Driver: C:\DOCUME~1\drelyy\USTAWI~1\Temp\pxtdypow.sys ---- System - GMER 1.0.15 ---- INT 0x62 ? 89E52BF8 INT 0x82 ? 89E52BF8 INT 0x94 ? 89C10BF8 INT 0xA4 ? 89C10BF8 INT 0xB4 ? 89C10BF8 Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB83EB82E] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB83EB652] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB83EB78C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- PAGE ntkrnlpa.exe!ZwLoadDriver 80582DFE 7 Bytes JMP B83EB790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A4ECC 4 Bytes CALL B8384C2B \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 805A9DEE 7 Bytes JMP B83EB656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BAEDA 5 Bytes JMP B83E71EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 805C1810 5 Bytes JMP B83E8C88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 805CF966 7 Bytes JMP B83EB832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ? sphh.sys Nie można odnaleźć określonego pliku. ! .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9DC4380, 0x2F1E97, 0xE8000020] .text USBPORT.SYS!DllUnload B9DA562C 5 Bytes JMP 89C101D8 .text add19gdc.SYS B9C8A386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text add19gdc.SYS B9C8A3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text add19gdc.SYS B9C8A3C4 3 Bytes [00, 80, 02] .text add19gdc.SYS B9C8A3C9 1 Byte [30] .text add19gdc.SYS B9C8A3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL} .text ... .text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xB596B300, 0x3ACC8, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xBABE0300, 0x1B7E, 0xE8000020] pnidata C:\WINDOWS\system32\DRIVERS\secdrv.sys unknown last section [0xB551FF00, 0x24000, 0x48000000] ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\spoolsv.exe[592] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\spoolsv.exe[592] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\winlogon.exe[664] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\services.exe[708] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\lsass.exe[720] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[876] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[948] USER32.dll!TrackPopupMenu 77D84F16 5 Bytes JMP 10402342 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\WINDOWS\System32\svchost.exe[964] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\svchost.exe[964] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1032] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1064] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Java\jre6\bin\jqs.exe[1108] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[1252] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Avast5\AvastSvc.exe[1312] kernel32.dll!SetUnhandledExceptionFilter 7C810386 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Documents and Settings\drelyy\Moje dokumenty\Pobieranie\pxbjmxcp.exe[1360] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\Explorer.EXE[1432] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe[1524] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1552] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\ctfmon.exe[1616] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\nvsvc32.exe[1648] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\O2Micro\o2flash.exe[1660] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\svchost.exe[1780] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe[1904] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wdfmgr.exe[1928] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Mozilla Firefox\firefox.exe[2168] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2284] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\system32\wscntfy.exe[2288] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 64D06950 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ntdll.dll!LdrUnloadDll 7C91718B 5 Bytes JMP 64D069B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] USER32.dll!SetWinEventHook 77D5E3D3 4 Bytes JMP 64D0B720 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] USER32.dll!UnhookWinEvent 77D5E544 5 Bytes JMP 64D0B8A0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] USER32.dll!SetWindowsHookExW 77D5E621 4 Bytes JMP 64D0BB30 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] USER32.dll!UnhookWindowsHookEx 77D5F29F 5 Bytes JMP 64D0BCB0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] USER32.dll!SetWindowsHookExA 77D602B2 4 Bytes JMP 64D0B9B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!SetServiceObjectSecurity 77E26BE1 5 Bytes JMP 64D09D40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!ChangeServiceConfigA 77E26CC9 5 Bytes JMP 64D07AE0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!ChangeServiceConfigW 77E26E61 5 Bytes JMP 64D07ED0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!ChangeServiceConfig2A 77E26F61 5 Bytes JMP 64D08290 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!ChangeServiceConfig2W 77E26FE9 5 Bytes JMP 64D083C0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!CreateServiceA 77E27071 5 Bytes JMP 64D06E40 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!CreateServiceW 77E27209 5 Bytes JMP 64D072B0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\WINDOWS\System32\alg.exe[2408] ADVAPI32.dll!DeleteService 77E27311 5 Bytes JMP 64D078E0 C:\Program Files\Avast5\snxhk.dll (avast! snxhk/AVAST Software) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [BA6B6042] sphh.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [BA6B613E] sphh.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [BA6B60C0] sphh.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [BA6B6800] sphh.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [BA6B66D6] sphh.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [BA6C5B90] sphh.sys IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!KfAcquireSpinLock] 0C8D1C46 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!READ_PORT_UCHAR] B48B8932 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!KeGetCurrentIrql] 89000001 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!KfRaiseIrql] 0001C083 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!KfLowerIrql] 24468B00 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!HalGetInterruptVector] 89820C8D IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!HalTranslateBusAddress] D18BF84D IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!KeStallExecutionProcessor] 860F1639 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!KfReleaseSpinLock] 000000BD IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 020CB389 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!READ_PORT_USHORT] 83660000 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 7400067E IAT \SystemRoot\System32\Drivers\add19gdc.SYS[HAL.dll!WRITE_PORT_UCHAR] 89D60320 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[WMILIB.SYS!WmiSystemControl] 8D168B00 IAT \SystemRoot\System32\Drivers\add19gdc.SYS[WMILIB.SYS!WmiCompleteRequest] F0003284 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[708] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00640002 IAT C:\WINDOWS\system32\services.exe[708] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00640000 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) Device \FileSystem\Ntfs \Ntfs 89E511F8 AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\usbuhci \Device\USBPDO-0 89C0F1F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 89DE41F8 Device \Driver\dmio \Device\DmControl\DmConfig 89DE41F8 Device \Driver\dmio \Device\DmControl\DmPnP 89DE41F8 Device \Driver\dmio \Device\DmControl\DmInfo 89DE41F8 Device \Driver\usbuhci \Device\USBPDO-1 89C0F1F8 Device \Driver\usbehci \Device\USBPDO-2 89BF81F8 Device \Driver\usbehci \Device\USBPDO-3 89BF81F8 Device \Driver\usbuhci \Device\USBPDO-4 89C0F1F8 AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\usbuhci \Device\USBPDO-5 89C0F1F8 Device \Driver\usbuhci \Device\USBPDO-6 89C0F1F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 89E531F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 89E531F8 Device \Driver\Cdrom \Device\CdRom0 89BE41F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 89E521F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) Device \Driver\atapi \Device\Ide\IdePort0 89E521F8 Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) Device \Driver\atapi \Device\Ide\IdePort1 89E521F8 Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e 89E521F8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) Device \Driver\Cdrom \Device\CdRom1 89BE41F8 Device \Driver\sptd \Device\2720859420 sphh.sys Device \Driver\NetBT \Device\NetBt_Wins_Export 895001F8 Device \Driver\NetBT \Device\NetbiosSmb 895001F8 Device \Driver\PCI_PNP9420 \Device\0000004e sphh.sys AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\usbuhci \Device\USBFDO-0 89C0F1F8 Device \Driver\usbuhci \Device\USBFDO-1 89C0F1F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8944C1F8 Device \Driver\usbehci \Device\USBFDO-2 89BF81F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8944C1F8 Device \Driver\usbuhci \Device\USBFDO-3 89C0F1F8 Device \Driver\usbuhci \Device\USBFDO-4 89C0F1F8 Device \Driver\Ftdisk \Device\FtControl 89E531F8 Device \Driver\usbuhci \Device\USBFDO-5 89C0F1F8 Device \Driver\usbehci \Device\USBFDO-6 89BF81F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{B8FCF3AF-C37D-4D81-93FE-7424ADA534F9} 895001F8 Device \Driver\add19gdc \Device\Scsi\add19gdc1Port4Path0Target0Lun0 89B8E1F8 Device \Driver\add19gdc \Device\Scsi\add19gdc1Port4Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) Device \Driver\add19gdc \Device\Scsi\add19gdc1 89B8E1F8 Device \Driver\add19gdc \Device\Scsi\add19gdc1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology) Device \FileSystem\Cdfs \Cdfs 89CD9478 ---- Processes - GMER 1.0.15 ---- Library C:\WINDOWS\system32\arking0.dll (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [1432] 0x10000000 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x39 0xFA 0xE9 0x98 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x9B 0x14 0xA1 0x70 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xB4 0xF9 0x91 0x8F ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x39 0xFA 0xE9 0x98 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x9B 0x14 0xA1 0x70 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xB4 0xF9 0x91 0x8F ... ---- EOF - GMER 1.0.15 ----