GMER 1.0.15.15570 - http://www.gmer.net Rootkit scan 2011-04-14 22:19:19 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1600AAJS-60Z0A0 rev.03.03E03 Running: gmer.exe; Driver: C:\Users\Admin\AppData\Local\Temp\pwtirpod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x90218728] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x902187D8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x90218870] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x9022C82E] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x9022C652] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x9022C78C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKey + 13C1 82C54339 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C8DD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82C94DE8 4 Bytes [28, 87, 21, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 12B3 82C94FA8 4 Bytes [D8, 87, 21, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 1403 82C950F8 4 Bytes [70, 88, 21, 90] PAGE ntkrnlpa.exe!ZwLoadDriver 82DDDB78 7 Bytes JMP 9022C790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82E22B6C 5 Bytes JMP 902281EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 82E3AF2B 7 Bytes JMP 9022C656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject + 27 82E3B16E 5 Bytes JMP 90229CA0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 82EF3E44 7 Bytes JMP 9022C832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\system32\wininit.exe[468] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[468] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[468] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[468] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[468] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[468] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[468] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[536] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\services.exe[568] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\services.exe[568] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[584] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsm.exe[592] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsm.exe[592] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[708] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[708] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] user32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] user32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] user32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] user32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[804] user32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[868] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[932] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Admin\Downloads\gmer\gmer.exe[952] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[968] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1112] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1204] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1304] kernel32.dll!SetUnhandledExceptionFilter 75813D01 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Windows\system32\Dwm.exe[1440] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1440] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1440] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1440] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1440] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1440] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1440] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1464] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe[1584] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1600] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1632] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[1644] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[1676] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1712] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Sidebar\sidebar.exe[1760] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\igfxsrvc.exe[1816] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2024] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2108] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2128] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2268] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe[2408] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\LightScribe\LSSrvc.exe[2444] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] user32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] user32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] user32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] user32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PDF Complete\pdfsvc.exe[2532] user32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe[2608] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2652] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[2880] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2920] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2920] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe[2980] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3608] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3736] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3832] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] user32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] user32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] user32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] user32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[3872] user32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] ntdll.dll!LdrUnloadDll 7734C8DE 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] ntdll.dll!LdrLoadDll 773522B8 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] USER32.dll!UnhookWindowsHookEx 7597ADF9 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] USER32.dll!UnhookWinEvent 7597B750 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] USER32.dll!SetWindowsHookExW 7597E30C 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] USER32.dll!SetWinEventHook 759824DC 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4016] USER32.dll!SetWindowsHookExA 759A6D0C 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74142437] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74125600] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [741256BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [741424B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74138514] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74134CC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7413506F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74135144] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74136671] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7413826B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [741387BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7413901B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7413E1BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1464] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74134BFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2268] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7539FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2268] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7539FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2268] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7539FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2268] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7539FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2268] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7539FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2268] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7539FFF6] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000004c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) ---- Files - GMER 1.0.15 ---- File C:\Users\Admin\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\f_000012 25519 bytes ---- EOF - GMER 1.0.15 ----