GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-10-25 19:21:58 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD10JPVX-75JC3T0 rev.01.01A01 931,51GB Running: 4luz1r31.exe; Driver: C:\Users\Pempek\AppData\Local\Temp\kwrdipod.sys ---- System - GMER 2.2 ---- SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0x95C616F0] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0x95C61820] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0x95C61010] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenThread [0x95C614E0] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0x95C61300] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0x95C613F0] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0x95C61120] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0x95C61210] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0x95C615F0] ---- Kernel code sections - GMER 2.2 ---- .text ntkrnlpa.exe!ZwRenameKey + 1549 82E83F05 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EBE292 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 1357 82EC591C 8 Bytes [F0, 16, C6, 95, 20, 18, C6, ...] .text ntkrnlpa.exe!KeRemoveQueueEx + 139F 82EC5964 4 Bytes [10, 10, C6, 95] .text ntkrnlpa.exe!KeRemoveQueueEx + 13C0 82EC5985 3 Bytes [14, C6, 95] {ADC AL, 0xc6; XCHG EBP, EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 165F 82EC5C24 8 Bytes [00, 13, C6, 95, F0, 13, C6, ...] .text ntkrnlpa.exe!KeRemoveQueueEx + 166F 82EC5C34 8 Bytes [20, 11, C6, 95, 10, 12, C6, ...] .text ... ---- User code sections - GMER 2.2 ---- .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\ctfmon.exe[1816] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Users\Pempek\Desktop\gmer\4luz1r31.exe[1860] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[2340] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2376] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe[2408] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[2432] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe[2524] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe[2572] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\PnkBstrA.exe[2920] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[3000] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[3048] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\conhost.exe[3188] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgnsx.exe[3256] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgemcx.exe[3312] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\unsecapp.exe[3324] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wbem\wmiprvse.exe[3540] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3628] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\svchost.exe[3656] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3716] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[4176] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\Dwm.exe[4188] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\Explorer.EXE[4220] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtCreateFile + 6 77975136 4 Bytes [28, 18, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtCreateFile + B 7797513B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtMapViewOfSection + 6 77975796 4 Bytes [28, 1B, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtMapViewOfSection + B 7797579B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenFile + 6 77975846 4 Bytes [68, 18, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenFile + B 7797584B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenProcess + 6 779758F6 4 Bytes [A8, 19, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenProcess + B 779758FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenProcessToken + B 7797590B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenProcessTokenEx + 6 77975916 4 Bytes [A8, 1A, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenProcessTokenEx + B 7797591B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenThread + 6 77975976 4 Bytes [68, 19, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenThread + B 7797597B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenThreadToken + 6 77975986 4 Bytes [68, 1A, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenThreadToken + B 7797598B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtOpenThreadTokenEx + B 7797599B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtQueryAttributesFile + 6 77975AA6 4 Bytes [A8, 18, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtQueryAttributesFile + B 77975AAB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtQueryFullAttributesFile + B 77975B5B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtSetInformationFile + 6 779761A6 4 Bytes [28, 19, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtSetInformationFile + B 779761AB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtSetInformationThread + 6 77976206 4 Bytes [28, 1A, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtSetInformationThread + B 7797620B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtUnmapViewOfSection + 6 77976526 4 Bytes [68, 1B, 27, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtUnmapViewOfSection + B 7797652B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[4304] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[4404] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[4416] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\SearchIndexer.exe[4492] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\taskhost.exe[4592] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\System32\svchost.exe[5056] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtCreateFile + 6 77975136 4 Bytes [28, 04, 29, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtCreateFile + B 7797513B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtMapViewOfSection + 6 77975796 4 Bytes [28, 07, 29, 00] {SUB [EDI], AL; SUB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtMapViewOfSection + B 7797579B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenFile + 6 77975846 4 Bytes [68, 04, 29, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenFile + B 7797584B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenProcess + 6 779758F6 4 Bytes [A8, 05, 29, 00] {TEST AL, 0x5; SUB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenProcess + B 779758FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenProcessToken + B 7797590B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenProcessTokenEx + 6 77975916 4 Bytes [A8, 06, 29, 00] {TEST AL, 0x6; SUB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenProcessTokenEx + B 7797591B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenThread + 6 77975976 4 Bytes [68, 05, 29, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenThread + B 7797597B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenThreadToken + 6 77975986 4 Bytes [68, 06, 29, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenThreadToken + B 7797598B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtOpenThreadTokenEx + B 7797599B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtQueryAttributesFile + 6 77975AA6 4 Bytes [A8, 04, 29, 00] {TEST AL, 0x4; SUB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtQueryAttributesFile + B 77975AAB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtQueryFullAttributesFile + B 77975B5B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtSetInformationFile + 6 779761A6 4 Bytes [28, 05, 29, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtSetInformationFile + B 779761AB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtSetInformationThread + 6 77976206 4 Bytes [28, 06, 29, 00] {SUB [ESI], AL; SUB [EAX], EAX} .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtSetInformationThread + B 7797620B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtUnmapViewOfSection + 6 77976526 4 Bytes [68, 07, 29, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtUnmapViewOfSection + B 7797652B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[5120] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Windows Media Player\wmpnetwk.exe[5124] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[5220] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5288] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Framework\Common\avguix.exe[5292] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxEM.exe[5304] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe[5356] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxHK.exe[5392] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\igfxTray.exe[5404] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\AVG\Av\avgui.exe[5512] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe[6080] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6904] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[6980] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtCreateFile + 6 77975136 4 Bytes [28, AC, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtCreateFile + B 7797513B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtMapViewOfSection + 6 77975796 4 Bytes [28, AF, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtMapViewOfSection + B 7797579B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenFile + 6 77975846 4 Bytes [68, AC, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenFile + B 7797584B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenProcess + 6 779758F6 4 Bytes [A8, AD, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenProcess + B 779758FB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenProcessToken + B 7797590B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenProcessTokenEx + 6 77975916 4 Bytes [A8, AE, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenProcessTokenEx + B 7797591B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenThread + 6 77975976 4 Bytes [68, AD, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenThread + B 7797597B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenThreadToken + 6 77975986 4 Bytes [68, AE, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenThreadToken + B 7797598B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtOpenThreadTokenEx + B 7797599B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtQueryAttributesFile + 6 77975AA6 4 Bytes [A8, AC, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtQueryAttributesFile + B 77975AAB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtQueryFullAttributesFile + B 77975B5B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtSetInformationFile + 6 779761A6 4 Bytes [28, AD, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtSetInformationFile + B 779761AB 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtSetInformationThread + 6 77976206 4 Bytes [28, AE, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtSetInformationThread + B 7797620B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtUnmapViewOfSection + 6 77976526 4 Bytes [68, AF, 68, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtUnmapViewOfSection + B 7797652B 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Program Files\Google\Chrome\Application\chrome.exe[7276] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtCreateEvent 77975110 5 Bytes JMP 6FA52650 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtCreateMutant 779751B0 5 Bytes JMP 6FA528E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtCreateSemaphore 77975260 5 Bytes JMP 6FA52B70 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtCreateUserProcess 779752E0 5 Bytes JMP 6FA52E00 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtMapViewOfSection 77975790 5 Bytes JMP 6FA52360 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtOpenEvent 77975820 5 Bytes JMP 6FA527A0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtOpenMutant 779758C0 5 Bytes JMP 6FA52A30 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtOpenSemaphore 77975940 5 Bytes JMP 6FA52CC0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtQueryInformationProcess 77975BB0 5 Bytes JMP 6FA530E0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtResumeThread 77976010 5 Bytes JMP 6FA52520 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!NtWriteVirtualMemory 77976600 5 Bytes JMP 6FA521F0 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!RtlQueryEnvironmentVariable 7798859F 5 Bytes JMP 6FA52F80 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] ntdll.dll!RtlDecompressBuffer 779E56BD 5 Bytes JMP 6FA52E90 C:\Program Files\AVG\Av\avghookx.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!K32GetModuleInformation 74E260FA 5 Bytes JMP 689B4960 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!K32GetMappedFileNameW 74E261F9 5 Bytes JMP 689B4790 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!RegDeleteValueW 74E2BD4B 7 Bytes JMP 689B5150 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!RegSetValueExA 74E34260 7 Bytes JMP 689B53B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!RegSetValueExW 74E39A04 7 Bytes JMP 689B57A0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!RegQueryValueExW 74E3D607 7 Bytes JMP 689B5160 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] kernel32.dll!K32EnumProcessModulesEx 74EA056A 7 Bytes JMP 689B4780 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] ole32.dll!CoSetProxyBlanket 75EF5E75 5 Bytes JMP 689B3730 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] ole32.dll!CoCreateInstance 75F29CBB 5 Bytes JMP 689B36C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] GDI32.dll!D3DKMTQueryAdapterInfo 74DA9ABB 5 Bytes JMP 689B38C0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] GDI32.dll!D3DKMTGetDisplayModeList 74DAF1D5 5 Bytes JMP 689B38B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] USER32.dll!EnumDisplayDevicesW 76045B6E 5 Bytes JMP 689B4290 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] USER32.dll!EnumDisplayDevicesA 7604C1D4 5 Bytes JMP 689B4220 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] USER32.dll!CreateWindowExW 7604EC4C 5 Bytes JMP 689B3770 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] USER32.dll!DisplayConfigGetDeviceInfo 7605EFF6 5 Bytes JMP 689B4200 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll .text C:\Windows\system32\wuauclt.exe[7644] USER32.dll!ChangeDisplaySettingsExW 7608FAA9 5 Bytes JMP 689B35B0 C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll ---- Devices - GMER 2.2 ---- AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys Device \Driver\BTHUSB \Device\00000071 bthport.sys Device \Driver\BTHUSB \Device\00000073 bthport.sys AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{EA75D7F6-B740-478F-8AA1-DF16D480B5A3}\Connection@Name isatap.{D4D3369D-2D19-4EFB-B02B-D591E276A223} Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{EE33130D-5C88-4966-8E76-480D6B73DC15}\Connection@Name isatap.{F0C5B725-F062-432C-B66E-FE35E96DE0D3} Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind \Device\{DE932097-92BD-4E94-8BF7-FDC34539931C}?\Device\{EA75D7F6-B740-478F-8AA1-DF16D480B5A3}?\Device\{E667E3D9-377C-4D3E-9A3C-B985BB06975C}?\Device\{EE33130D-5C88-4966-8E76-480D6B73DC15}?\Device\{9F412C05-0389-4F25-BF15-3F607EDE6E49}? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route "{DE932097-92BD-4E94-8BF7-FDC34539931C}"?"{EA75D7F6-B740-478F-8AA1-DF16D480B5A3}"?"{E667E3D9-377C-4D3E-9A3C-B985BB06975C}"?"{EE33130D-5C88-4966-8E76-480D6B73DC15}"?"{9F412C05-0389-4F25-BF15-3F607EDE6E49}"? Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export \Device\TCPIP6TUNNEL_{DE932097-92BD-4E94-8BF7-FDC34539931C}?\Device\TCPIP6TUNNEL_{EA75D7F6-B740-478F-8AA1-DF16D480B5A3}?\Device\TCPIP6TUNNEL_{E667E3D9-377C-4D3E-9A3C-B985BB06975C}?\Device\TCPIP6TUNNEL_{EE33130D-5C88-4966-8E76-480D6B73DC15}?\Device\TCPIP6TUNNEL_{9F412C05-0389-4F25-BF15-3F607EDE6E49}? Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\780cb8c93e6a Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{EA75D7F6-B740-478F-8AA1-DF16D480B5A3}@InterfaceName isatap.{D4D3369D-2D19-4EFB-B02B-D591E276A223} Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{EA75D7F6-B740-478F-8AA1-DF16D480B5A3}@ReusableType 0 Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{EE33130D-5C88-4966-8E76-480D6B73DC15}@InterfaceName isatap.{F0C5B725-F062-432C-B66E-FE35E96DE0D3} Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{EE33130D-5C88-4966-8E76-480D6B73DC15}@ReusableType 0 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\780cb8c93e6a (not active ControlSet) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\PerfTrack\ScenarioOccurrences\22@TotalOccurrences 124 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\PerfTrack\ScenarioOccurrences\22@AverageScaledTpi 150 Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\PerfTrack\ScenarioOccurrences\22@OccurrencesGreaterThan275ScaledTPI 29 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@BDE222AC 65 ---- Files - GMER 2.2 ---- File C:\Users\Pempek\AppData\Local\Google\Chrome\User Data\Default\Cache\f_025d64 17139 bytes File C:\Users\Pempek\AppData\Local\Google\Chrome\User Data\Default\Cache\f_025d65 0 bytes ---- EOF - GMER 2.2 ----