GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-07-08 16:36:13 Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AADS-00M2B0 rev.01.00A01 465,76GB Running: biuv04cv.exe; Driver: C:\Users\Anna\AppData\Local\Temp\kxldrpow.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x90E09728] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x90E097D8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x90E09870] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90E1D82E] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x90E1D652] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x90E1D78C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E90579 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EB4F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!RtlSidHashLookup + 23C 82EBC73C 4 Bytes [28, 97, E0, 90] .text ntkrnlpa.exe!RtlSidHashLookup + 3FC 82EBC8FC 4 Bytes [D8, 97, E0, 90] .text ntkrnlpa.exe!RtlSidHashLookup + 54C 82EBCA4C 4 Bytes [70, 98, E0, 90] {JO 0xffffff9a; LOOPNZ 0xffffff94} PAGE ntkrnlpa.exe!ZwLoadDriver 82FEE279 7 Bytes JMP 90E1D790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 83055F59 5 Bytes JMP 90E191EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject + 27 8306FC5F 5 Bytes JMP 90E1ACA0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 8307DCE3 7 Bytes JMP 90E1D656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 83127E52 7 Bytes JMP 90E1D832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) .text sptd.sys 8BABB000 8 Bytes [A6, 31, E2, 82, A0, 97, E1, ...] .text sptd.sys 8BABB009 23 Bytes [97, E1, 82, 48, BB, E1, 82, ...] .text sptd.sys 8BABB024 4 Bytes [32, A5, BE, 8B] .text sptd.sys 8BABB02C 110 Bytes [6C, E8, 0A, 83, B3, F0, 04, ...] .text sptd.sys 8BABB09B 313 Bytes [83, 78, 7B, EB, 82, 60, B3, ...] .text ... .sptd2 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x8BBB2D38] ? C:\Windows\System32\Drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. .text USBPORT.SYS!DllUnload 90EE6CA0 5 Bytes JMP 86830410 .text peauth.sys ACC31C9D 28 Bytes JMP D24F4E34 .text peauth.sys ACC31CC1 28 Bytes JMP D24F4E58 ? \alcohol\Alcohol 52\Alcoholx.dll System nie może odnaleźć określonej ścieżki. ! ---- User code sections - GMER 2.1 ---- .text D:\PCSUITE\SupServ.exe[308] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SupServ.exe[308] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SupServ.exe[308] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SupServ.exe[308] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SupServ.exe[308] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SupServ.exe[308] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SupServ.exe[308] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\alcohol\Alcohol 52\StarWind\StarWindServiceAE.exe[356] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[376] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[376] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[456] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[456] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wininit.exe[496] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\services.exe[552] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\services.exe[552] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsass.exe[568] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsm.exe[584] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\lsm.exe[584] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\winlogon.exe[600] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[716] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[716] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NETGEAR\WPN111\wpn111.exe[748] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] user32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] user32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] user32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] user32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[808] user32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[872] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[936] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[960] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[1012] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1092] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1176] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1296] kernel32.dll!SetUnhandledExceptionFilter 756C3142 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 80, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 83, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 80, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 81, D8, 00] {TEST AL, 0x81; FADD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 82, D8, 00] {TEST AL, 0x82; FADD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 81, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 82, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 80, D8, 00] {TEST AL, 0x80; FADD DWORD [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 81, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 82, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 83, D8, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[1304] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\notepad.exe[1368] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe[1460] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1464] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1488] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[1712] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[1740] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1836] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe[1860] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[1880] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[1912] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE[1968] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2008] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2008] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2032] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2032] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2112] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2164] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe[2284] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2304] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe[2552] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe[2552] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2560] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[2624] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2676] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\conhost.exe[2708] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2804] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [18, 10, 20, 62] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[2948] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.PurBrowse.exe[3156] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.PurBrowse.exe[3156] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe[3304] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3388] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxtray.exe[3396] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\hkcmd.exe[3408] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\igfxpers.exe[3420] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3464] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3480] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[3520] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3528] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\AVG Secure Search\vprot.exe[3544] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3560] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3572] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 9C, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 9F, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 9C, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 9D, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 9E, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 9D, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 9E, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 9C, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 9D, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 9E, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 9F, 51, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3744] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ipla\ipla.exe[3772] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3848] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 00, B7, 00] {SUB [EAX], AL; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtMapViewOfSection + 6 77145076 1 Byte [28] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 03, B7, 00] {SUB [EBX], AL; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 00, B7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 01, B7, 00] {TEST AL, 0x1; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 02, B7, 00] {TEST AL, 0x2; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 01, B7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 02, B7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 00, B7, 00] {TEST AL, 0x0; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 01, B7, 00] {SUB [ECX], AL; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 02, B7, 00] {SUB [EDX], AL; MOV BH, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 1 Byte [68] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 03, B7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[3892] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!CharToOemA + 3A 758FB1DE 7 Bytes JMP 1004BF70 D:\PCSUITE\NewUI.dll (New UI/Avanquest Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!PostMessageW + 2CE 759064F3 7 Bytes JMP 1004BE30 D:\PCSUITE\NewUI.dll (New UI/Avanquest Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!SetDlgItemTextA + 25 75918FF6 7 Bytes JMP 1004BF50 D:\PCSUITE\NewUI.dll (New UI/Avanquest Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!MessageBoxIndirectA + F5 7594E9BE 7 Bytes JMP 1004BFC0 D:\PCSUITE\NewUI.dll (New UI/Avanquest Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!MessageBoxIndirectW + 61 7594EA24 7 Bytes JMP 1004C090 D:\PCSUITE\NewUI.dll (New UI/Avanquest Software) .text D:\PCSUITE\SEPCSuite.exe[3976] USER32.dll!MessageBoxExA + 1F 7594EA48 7 Bytes JMP 1004C040 D:\PCSUITE\NewUI.dll (New UI/Avanquest Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 1C, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 1F, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 1C, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 1D, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 1E, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 1D, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 1E, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 1C, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 1D, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 1E, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 1F, A6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4104] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\NetCrawl\bin\NetCrawl.BrowserAdapter.exe[4176] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 64, 22, 00] {SUB [EDX+0x0], AH} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 67, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 64, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 65, 22, 00] {TEST AL, 0x65; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 66, 22, 00] {TEST AL, 0x66; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 65, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 66, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 64, 22, 00] {TEST AL, 0x64; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 65, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 66, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 67, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[4492] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] user32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] user32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] user32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] user32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[4588] user32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[4720] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe[4800] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, C0, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, C3, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, C0, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, C1, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, C2, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, C1, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, C2, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, C0, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, C1, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, C2, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, C3, D6, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5080] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 24, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 27, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 24, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 25, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 26, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 25, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 26, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 24, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 25, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 26, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 27, A7, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5184] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, B4, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, B7, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, B4, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, B5, 6A, 00] {TEST AL, 0xb5; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, B6, 6A, 00] {TEST AL, 0xb6; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, B5, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, B6, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, B4, 6A, 00] {TEST AL, 0xb4; PUSH 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, B5, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, B6, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, B7, 6A, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5220] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, A4, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, A7, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, A4, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, A5, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, A6, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, A5, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, A6, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, A4, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, A5, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, A6, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, A7, C0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5228] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Anna\Desktop\Logi\Gmer\biuv04cv.exe[5520] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtCreateFile + 6 77144A16 4 Bytes [28, 98, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtCreateFile + B 77144A1B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtMapViewOfSection + 6 77145076 4 Bytes [28, 9B, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtMapViewOfSection + B 7714507B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenFile + 6 77145126 4 Bytes [68, 98, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenFile + B 7714512B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenProcess + 6 771451D6 4 Bytes [A8, 99, 22, 00] {TEST AL, 0x99; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenProcess + B 771451DB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenProcessToken + B 771451EB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenProcessTokenEx + 6 771451F6 4 Bytes [A8, 9A, 22, 00] {TEST AL, 0x9a; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenProcessTokenEx + B 771451FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenThread + 6 77145256 4 Bytes [68, 99, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenThread + B 7714525B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenThreadToken + 6 77145266 4 Bytes [68, 9A, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenThreadToken + B 7714526B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtOpenThreadTokenEx + B 7714527B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtQueryAttributesFile + 6 77145386 4 Bytes [A8, 98, 22, 00] {TEST AL, 0x98; AND AL, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtQueryAttributesFile + B 7714538B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtQueryFullAttributesFile + B 7714543B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtSetInformationFile + 6 77145A86 4 Bytes [28, 99, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtSetInformationFile + B 77145A8B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtSetInformationThread + 6 77145AE6 4 Bytes [28, 9A, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtSetInformationThread + B 77145AEB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtUnmapViewOfSection + 6 77145E06 4 Bytes [68, 9B, 22, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!NtUnmapViewOfSection + B 77145E0B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Google\Chrome\Application\chrome.exe[5800] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] ntdll.dll!LdrUnloadDll 7715BE7F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] ntdll.dll!LdrLoadDll 7715F585 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] USER32.dll!UnhookWindowsHookEx 758FCC7B 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] USER32.dll!UnhookWinEvent 758FD924 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] USER32.dll!SetWindowsHookExW 7590210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] USER32.dll!SetWinEventHook 7590507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe[6004] USER32.dll!SetWindowsHookExA 75926DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) ---- Kernel IAT/EAT - GMER 2.1 ---- IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8BABC0C0] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8BABCFE0] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [8BABC574] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8BABD1BC] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8BABC362] \SystemRoot\System32\Drivers\sptd.sys ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73E6250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73E62494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73E45624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73E456E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73E58573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73E54D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73E550CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73E551A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73E566D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73E582CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73E58819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73E5907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73E5E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1488] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73E54C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [751A5D3D] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [751A5D3D] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [751A5D3D] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3448] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [751A5D3D] C:\Windows\system32\apphelp.dll (Biblioteka klienta zgodności aplikacji/Microsoft Corporation) ---- Devices - GMER 2.1 ---- Device \FileSystem\Ntfs \Ntfs 856F31F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{3E5AAAFB-6C2C-400A-829E-048A25C78EC2} 867A31F8 Device \Driver\usbuhci \Device\USBPDO-0 86793430 Device \Driver\usbuhci \Device\USBPDO-1 86793430 Device \Driver\usbuhci \Device\USBPDO-2 86793430 Device \Driver\PCI_PNP0083 \Device\00000053 sptd.sys Device \Driver\PCI_PNP0083 \Device\00000053 sptd.sys Device \Driver\usbuhci \Device\USBPDO-3 86793430 Device \Driver\usbehci \Device\USBPDO-4 860F0430 AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\cdrom \Device\CdRom0 866B51F8 Device \Driver\cdrom \Device\CdRom1 866B51F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 856F11F8 Device \Driver\atapi \Device\Ide\IdePort0 856F11F8 Device \Driver\atapi \Device\Ide\IdePort1 856F11F8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 856F11F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 867A31F8 AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\NetBT \Device\NetBT_Tcpip_{94842721-8116-4C10-B9B7-3CD0C0CF26B9} 867A31F8 Device \Driver\usbuhci \Device\USBFDO-0 86793430 Device \Driver\usbuhci \Device\USBFDO-1 86793430 Device \Driver\usbuhci \Device\USBFDO-2 86793430 Device \Driver\usbuhci \Device\USBFDO-3 86793430 Device \Driver\usbehci \Device\USBFDO-4 860F0430 Device \Driver\aazfk0fm \Device\Scsi\aazfk0fm1Port2Path0Target0Lun0 8685C430 Device \Driver\aazfk0fm \Device\Scsi\aazfk0fm1 8685C430 ---- Trace I/O - GMER 2.1 ---- Trace ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x856f11f8]<< 856f11f8 Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864f5828] 864f5828 Trace 3 CLASSPNP.SYS[8c2f159e] -> nt!IofCallDriver -> [0x86425900] 86425900 Trace 5 ACPI.sys[8b9b43b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8574c610] 8574c610 Trace \Driver\atapi[0x86405880] -> IRP_MJ_CREATE -> 0x856f11f8 856f11f8 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 D:\alcohol\Alcohol 52\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xEC 0x79 0x91 0x76 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x3F 0xBD 0x66 0x1B ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x39 0x8F 0xEE 0xD4 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 D:\alcohol\Alcohol 52\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xEC 0x79 0x91 0x76 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x3F 0xBD 0x66 0x1B ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x39 0x8F 0xEE 0xD4 ... ---- EOF - GMER 2.1 ----