TechSpot

Have reformatted laptop but now have new problems!

By maddeningloop
Jan 24, 2011
  1. Ok, well, I originally managed to contract some horrible scareware ('Antivirus Scan'), and in the process of trying to clean it up more infections arose, so I decided to format my laptop (with original 32-bit Vista OS). Since formatting it, I've had a number of problems which include

    - certain webpages only half loading
    - a strange file with a random string of letters appearing on my external hard drive
    - said hard drive not appearing under device manager
    - BSOD
    - un responsive script messages when using Firefox
    - inability to find drivers for internal camera (obviously a separate issue)

    I will paste below MBAM log, DDS & Attach logs, and then I will attach GMER log (it is very large)


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5587

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18999

    24/01/2011 12:46:16
    mbam-log-2011-01-24 (12-46-16).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 264590
    Time elapsed: 1 hour(s), 1 minute(s), 25 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)




















    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 21/01/2011 01:04:39
    System Uptime: 24/01/2011 23:16:27 (0 hours ago)

    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz | N/A | 1801/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 102 GiB total, 61.798 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 931 GiB total, 657.857 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID:
    Description: Mass Storage Controller
    Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_9005104D&REV_00\4&382EAD5F&0&1AF0
    Manufacturer:
    Name: Mass Storage Controller
    PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_9005104D&REV_00\4&382EAD5F&0&1AF0
    Service:

    Class GUID:
    Description:
    Device ID: ACPI\SNY5001\4&203C7357&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\SNY5001\4&203C7357&0
    Service:

    ==== System Restore Points ===================

    RP8: 22/01/2011 15:26:29 - avast! Free Antivirus Setup
    RP9: 22/01/2011 15:44:21 - Installed Sunbelt Personal Firewall.
    RP10: 22/01/2011 19:45:45 - Windows Update
    RP11: 22/01/2011 19:59:44 - Windows Update
    RP12: 22/01/2011 20:19:59 - Windows Update
    RP13: 22/01/2011 20:57:46 - Windows Update
    RP14: 22/01/2011 21:04:54 - Windows Update
    RP15: 22/01/2011 21:54:00 - Device Driver Package Install: Ricoh Imaging devices
    RP17: 22/01/2011 22:14:42 - Installed VAIO Camera Capture Utility
    RP19: 22/01/2011 22:16:19 - Installed VAIO Camera Utility
    RP20: 22/01/2011 22:36:11 - Windows Update
    RP21: 23/01/2011 00:43:05 - Windows Update
    RP22: 23/01/2011 18:48:06 - Installed Microsoft Fix it 50199
    RP23: 24/01/2011 00:56:36 - Installed Java(TM) 6 Update 20
    RP24: 24/01/2011 00:58:09 - Installed OpenOffice.org 3.2
    RP25: 24/01/2011 13:31:06 - Scheduled Checkpoint

    ==== Installed Programs ======================

    Adobe Flash Player 10 ActiveX
    µTorrent
    avast! Free Antivirus
    CCleaner
    CDBurnerXP
    ConvertXtoDVD 4.1.2.336
    DivX Setup
    Google Chrome
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Java Auto Updater
    Java(TM) 6 Update 20
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox (3.6.13)
    OpenOffice.org 3.2
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Spotify
    Spybot - Search & Destroy
    Sunbelt Personal Firewall
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    VAIO Camera Capture Utility
    VAIO Camera Utility
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.1.5
    Windows Driver Package - Ricoh R5U870 (UVC) (02/28/2007 6.1008.207.0)

    ==== Event Viewer Messages From Past Week ========

    24/01/2011 23:17:25, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    24/01/2011 23:16:56, Error: EventLog [6008] - The previous system shutdown at 23:14:13 on 24/01/2011 was unexpected.
    23/01/2011 11:44:01, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    23/01/2011 00:46:27, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    22/01/2011 20:51:06, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    ==== End Of File ===========================











    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Emma at 23:51:57.68 on 24/01/2011
    Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_20
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2046.1073 [GMT 0:00]

    AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Emma\Downloads\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [Google Update] "c:\users\emma\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
    mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    StartupFolder: c:\users\emma\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\emma\appdata\roaming\mozilla\firefox\profiles\cz3b8fda.default\
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\users\emma\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
    FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-22 294608]
    R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-10-31 270888]
    R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-6-21 66600]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-22 17744]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-1-22 51280]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-22 40384]
    R2 SbPF.Launcher;SbPF.Launcher;c:\program files\sunbelt software\personal firewall\SbPFLnch.exe [2008-10-31 95528]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-1-22 1153368]
    R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\sunbelt software\personal firewall\SbPFSvc.exe [2008-10-31 1365288]
    R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-4-26 74240]
    R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-4-26 43904]
    R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2011-1-22 65576]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    =============== Created Last 30 ================

    2011-01-24 01:16:09 -------- d-----w- c:\users\emma\appdata\roaming\OpenOffice.org
    2011-01-24 00:58:38 -------- d-----w- c:\program files\JRE
    2011-01-24 00:58:29 -------- d-----w- c:\program files\OpenOffice.org 3
    2011-01-24 00:57:25 411368 ----a-w- c:\windows\system32\deployJava1.dll
    2011-01-24 00:57:25 411368 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    2011-01-24 00:13:35 -------- d-----w- c:\users\emma\appdata\roaming\Malwarebytes
    2011-01-24 00:13:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-01-24 00:13:30 -------- d-----w- c:\progra~2\Malwarebytes
    2011-01-24 00:13:27 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-01-24 00:13:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-01-23 19:53:47 -------- d-----w- c:\progra~2\vsosdk
    2011-01-23 13:11:28 -------- d-----w- c:\program files\CCleaner
    2011-01-23 00:40:00 217127 ----a-w- c:\windows\system32\drv43260.dll
    2011-01-23 00:40:00 208935 ----a-w- c:\windows\system32\drv33260.dll
    2011-01-23 00:40:00 102439 ----a-w- c:\windows\system32\sipr3260.dll
    2011-01-23 00:39:59 65602 ----a-w- c:\windows\system32\cook3260.dll
    2011-01-23 00:39:59 176165 ----a-w- c:\windows\system32\drv23260.dll
    2011-01-23 00:39:55 626688 ----a-w- c:\windows\system32\vp7vfw.dll
    2011-01-23 00:39:53 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
    2011-01-23 00:39:51 -------- d-----w- c:\program files\VSO
    2011-01-22 23:59:58 -------- d-----w- c:\program files\VideoLAN
    2011-01-22 23:56:28 -------- d-----w- c:\program files\uTorrent
    2011-01-22 23:55:46 -------- d-----w- c:\users\emma\appdata\roaming\uTorrent
    2011-01-22 23:55:10 -------- d-----w- c:\users\emma\appdata\roaming\Canneverbe Limited
    2011-01-22 23:55:10 -------- d-----w- c:\progra~2\Canneverbe Limited
    2011-01-22 23:31:45 -------- d-----w- c:\users\emma\appdata\roaming\Spotify
    2011-01-22 23:31:45 -------- d-----w- c:\users\emma\appdata\local\Spotify
    2011-01-22 23:31:41 -------- d-----w- c:\program files\Spotify
    2011-01-22 23:30:27 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2011-01-22 23:30:27 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
    2011-01-22 22:59:31 -------- d-----w- c:\users\emma\appdata\roaming\Local
    2011-01-22 22:58:50 -------- d-----w- c:\program files\common files\PX Storage Engine
    2011-01-22 22:57:54 -------- d-----w- c:\program files\common files\DivX Shared
    2011-01-22 22:56:33 -------- d-----w- c:\program files\DivX
    2011-01-22 22:55:52 -------- d-----w- c:\progra~2\DivX
    2011-01-22 22:14:51 -------- d-----w- c:\program files\Sony
    2011-01-22 22:06:06 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
    2011-01-22 22:06:06 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
    2011-01-22 22:06:06 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
    2011-01-22 22:06:06 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
    2011-01-22 22:06:06 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
    2011-01-22 22:06:06 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
    2011-01-22 22:06:06 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
    2011-01-22 22:06:05 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
    2011-01-22 22:00:04 420352 ----a-w- c:\windows\system32\vbscript.dll
    2011-01-22 21:59:59 304128 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-01-22 21:59:59 17920 ----a-w- c:\windows\system32\netevent.dll
    2011-01-22 21:59:59 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-01-22 21:59:59 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2011-01-22 21:59:59 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-01-22 21:59:48 377344 ----a-w- c:\windows\system32\winhttp.dll
    2011-01-22 21:59:30 739328 ----a-w- c:\windows\system32\inetcomm.dll
    2011-01-22 21:40:05 -------- d-----w- c:\users\emma\appdata\local\Google
    2011-01-22 21:39:58 -------- d-----w- c:\users\emma\appdata\local\Deployment
    2011-01-22 21:39:58 -------- d-----w- c:\users\emma\appdata\local\Apps
    2011-01-22 21:07:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
    2011-01-22 21:05:45 72704 ----a-w- c:\windows\system32\admparse.dll
    2011-01-22 20:50:43 -------- d-----w- c:\program files\Windows Portable Devices
    2011-01-22 20:42:15 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2011-01-22 20:42:14 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2011-01-22 20:42:14 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2011-01-22 20:40:55 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
    2011-01-22 20:29:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2011-01-22 20:29:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2011-01-22 20:29:47 297808 ----a-w- c:\windows\system32\mscoree.dll
    2011-01-22 20:29:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2011-01-22 20:29:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2011-01-22 20:29:00 293376 ----a-w- c:\windows\system32\browserchoice.exe
    2011-01-22 20:24:53 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2011-01-22 20:24:52 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2011-01-22 20:24:52 30720 ----a-w- c:\windows\system32\httpapi.dll
    2011-01-22 20:22:19 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
    2011-01-22 20:22:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2011-01-22 20:21:53 502272 ----a-w- c:\windows\system32\usp10.dll
    2011-01-22 20:21:50 515584 ----a-w- c:\program files\windows mail\wab.exe
    2011-01-22 20:21:49 66048 ----a-w- c:\program files\windows mail\wabmig.exe
    2011-01-22 20:21:49 33280 ----a-w- c:\program files\windows mail\wabfind.dll
    2011-01-22 20:21:09 274944 ----a-w- c:\windows\system32\schannel.dll
    2011-01-22 20:19:41 302592 ----a-w- c:\windows\system32\wlansec.dll
    2011-01-22 20:18:53 2038272 ----a-w- c:\windows\system32\win32k.sys
    2011-01-22 20:17:53 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-01-22 20:16:53 313344 ----a-w- c:\windows\system32\wmpdxm.dll
    2011-01-22 20:16:51 43520 ----a-w- c:\windows\system32\msdxm.tlb
    2011-01-22 20:16:51 18432 ----a-w- c:\windows\system32\amcompat.tlb
    2011-01-22 20:16:15 471552 ----a-w- c:\windows\system32\secproc_isv.dll
    2011-01-22 20:16:15 471552 ----a-w- c:\windows\system32\secproc.dll
    2011-01-22 20:16:10 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2011-01-22 20:16:05 518144 ----a-w- c:\windows\system32\RMActivate.exe
    2011-01-22 20:16:05 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2011-01-22 20:16:05 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2011-01-22 20:16:05 332288 ----a-w- c:\windows\system32\msdrm.dll
    2011-01-22 20:16:05 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2011-01-22 20:16:05 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
    2011-01-22 20:15:53 60928 ----a-w- c:\windows\system32\msasn1.dll
    2011-01-22 20:15:44 784896 ----a-w- c:\windows\system32\rpcrt4.dll
    2011-01-22 20:15:41 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-01-22 20:15:41 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2011-01-22 20:15:38 243712 ----a-w- c:\windows\system32\rastls.dll
    2011-01-22 20:15:36 355328 ----a-w- c:\windows\system32\WSDApi.dll
    2011-01-22 20:15:01 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2011-01-22 20:00:16 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
    2011-01-22 20:00:09 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{b266c226-c0f2-4dad-9294-af8b46643f90}\mpengine.dll
    2011-01-22 20:00:04 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-01-22 19:55:16 172032 ----a-w- c:\windows\system32\wintrust.dll
    2011-01-22 19:54:35 98304 ----a-w- c:\windows\system32\cabview.dll
    2011-01-22 19:51:14 -------- d-----w- c:\users\emma\appdata\local\Mozilla
    2011-01-22 19:46:24 2421760 ----a-w- c:\windows\system32\wucltux.dll
    2011-01-22 19:46:02 87552 ----a-w- c:\windows\system32\wudriver.dll
    2011-01-22 19:45:54 33792 ----a-w- c:\windows\system32\wuapp.exe
    2011-01-22 19:45:54 171608 ----a-w- c:\windows\system32\wuwebv.dll
    2011-01-22 15:44:40 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2011-01-22 15:44:33 -------- d-----w- c:\program files\Sunbelt Software
    2011-01-22 15:27:26 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-01-22 15:26:49 -------- d-sh--w- c:\windows\Installer
    2011-01-22 15:26:45 38848 ----a-w- c:\windows\avastSS.scr
    2011-01-22 15:26:36 -------- d-----w- c:\progra~2\Alwil Software
    2011-01-21 08:52:38 -------- d-----w- c:\windows\Panther
    2011-01-21 08:38:42 -------- d-----w- C:\Windows.old

    ==================== Find3M ====================

    2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
    2010-12-14 14:49:23 1169408 ----a-w- c:\windows\system32\sdclt.exe
    2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll
    2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
    2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
    2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll

    ============= FINISH: 23:53:12.20 ===============




    Would appreciate any help with this. Been plagued lately, and I am reaching the end of my capabilities/tether!
     
  2. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    For some reason it won't let me attach GMER log and says it's too big to paste here? Add 'unresponsive buttons' on internet browsers to peculiar behaviour list....
     
  3. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-24 23:41:50
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 FUJITSU_MHW2120BH rev.00000012
    Running: q1sebw16.exe; Driver: C:\Users\Emma\AppData\Local\Temp\kxldapow.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwClose [0x87DB4160]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateFile [0x87DB3868]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateKey [0x87DB0320]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateProcess [0x87DB2E90]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateProcessEx [0x87DB2D9C]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateThread [0x87DB33FC]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwDeleteFile [0x87DB4210]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwDeleteKey [0x87DB0786]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwDeleteValueKey [0x87DB0846]
    SSDT \SystemRoot\system32\drivers\sbhips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software, Inc.) ZwLoadDriver [0x8C10801C]
    SSDT \SystemRoot\system32\drivers\sbhips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software, Inc.) ZwMapViewOfSection [0x8C108168]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwOpenFile [0x87DB3B54]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwOpenKey [0x87DB05CA]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwResumeThread [0x87DB34EC]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwSetInformationFile [0x87DB3E8C]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwSetValueKey [0x87DB09BC]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwWriteFile [0x87DB3DE0]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateThreadEx [0x87DB348E]
    SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateUserProcess [0x87DB2F82]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8C18F652]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!KeSetEvent + 1A9 81EB890C 4 Bytes [60, 41, DB, 87]
    .text ntkrnlpa.exe!KeSetEvent + 1D9 81EB893C 4 Bytes [68, 38, DB, 87]
    .text ntkrnlpa.exe!KeSetEvent + 1E9 81EB894C 4 Bytes [20, 03, DB, 87]
    .text ntkrnlpa.exe!KeSetEvent + 209 81EB896C 8 Bytes [90, 2E, DB, 87, 9C, 2D, DB, ...] {NOP ; FILD DWORD CS:[EDI-0x7824d264]}
    .text ntkrnlpa.exe!KeSetEvent + 221 81EB8984 4 Bytes [FC, 33, DB, 87]
    .text ...
    PAGE ntkrnlpa.exe!ObMakeTemporaryObject 81FE328F 5 Bytes JMP 8C18B1EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!ObInsertObject 8203C063 5 Bytes JMP 8C18CC88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
    PAGE ntkrnlpa.exe!NtCreateSection 8203D905 7 Bytes JMP 8C18F656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Windows\System32\spoolsv.exe[252] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\System32\spoolsv.exe[252] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\spoolsv.exe[252] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\System32\spoolsv.exe[252] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\System32\spoolsv.exe[252] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\taskeng.exe[264] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\taskeng.exe[264] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[264] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\taskeng.exe[264] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\taskeng.exe[264] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[296] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[296] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[296] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[296] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[296] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe[504] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\csrss.exe[512] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00110720
    .text C:\Windows\system32\csrss.exe[512] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 001107AC
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001102C0
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00110234
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00110694
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00110090
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001103D8
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0011034C
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001101A8
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0011011C
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00110004
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!CreateThread 76C7C90E 5 Bytes JMP 0011057C
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001104F0
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!WinExec 76CC5CF7 5 Bytes JMP 00110464
    .text C:\Windows\system32\csrss.exe[512] KERNEL32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00110608
    .text C:\Windows\system32\wininit.exe[556] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\wininit.exe[556] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\wininit.exe[556] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\wininit.exe[556] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\wininit.exe[556] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\csrss.exe[564] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00110720
    .text C:\Windows\system32\csrss.exe[564] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 001107AC
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001102C0
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00110234
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00110694
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00110090
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001103D8
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0011034C
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001101A8
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0011011C
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00110004
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!CreateThread 76C7C90E 5 Bytes JMP 0011057C
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001104F0
    .text C:\Windows\system32\csrss.exe[564] KERNEL32.dll!WinExec 76CC5CF7 5 Bytes JMP 00110464
    .text
     
  4. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    C:\Windows\system32\csrss.exe[564] KERNEL32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00110608
    .text C:\Windows\system32\services.exe[600] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\services.exe[600] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\services.exe[600] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\services.exe[600] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\services.exe[600] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\services.exe[600] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\services.exe[600] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\services.exe[600] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\services.exe[600] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\services.exe[600] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\services.exe[600] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\services.exe[600] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\services.exe[600] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\services.exe[600] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\services.exe[600] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\services.exe[600] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\lsass.exe[624] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\lsass.exe[624] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsass.exe[624] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\lsass.exe[624] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\lsass.exe[624] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\lsm.exe[632] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\lsm.exe[632] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\lsm.exe[632] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00030720
    .text C:\Windows\system32\lsm.exe[632] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 000307AC
    .text C:\Windows\system32\winlogon.exe[668] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\winlogon.exe[668] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\winlogon.exe[668] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\winlogon.exe[668] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\winlogon.exe[668] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[812] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[812] kernel32.dll!SetThreadContext












    76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[812] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[812] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[812] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[888] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[888] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[888] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[888] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[888] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[888] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\System32\svchost.exe[932] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[932] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\System32\svchost.exe[932] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\System32\svchost.exe[932] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\System32\svchost.exe[1040] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\System32\svchost.exe[1040] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text
     
  5. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1040] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\System32\svchost.exe[1040] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\System32\svchost.exe[1040] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Users\Emma\Downloads\q1sebw16.exe[1052] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\System32\svchost.exe[1092] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[1092] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\System32\svchost.exe[1092] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\System32\svchost.exe[1092] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[1120] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[1120] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1120] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[1120] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[1120] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\AUDIODG.EXE[1192] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\AUDIODG.EXE[1192] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00030720
    .text C:\Windows\system32\AUDIODG.EXE[1192] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 000307AC
    .text C:\Windows\system32\AUDIODG.EXE[1192] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\AUDIODG.EXE[1192] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\AUDIODG.EXE[1192] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[1220] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1220] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00030720
    .text C:\Windows\system32\svchost.exe[1220] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 000307AC
    .text C:\Windows\system32\svchost.exe[1220] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[1220] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[1220] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[1276] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[1276] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1276] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[1276] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[1276] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[1276] WinInet.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00030F54
    .text C:\Windows\system32\svchost.exe[1276] WinInet.dll!InternetConnectW 768BF862 5 Bytes JMP 00030FE0
    .text C:\Windows\system32\svchost.exe[1276] WinInet.dll!InternetOpenA 768CD690 5 Bytes JMP 00030D24
    .text C:\Windows\system32\svchost.exe[1276] WinInet.dll!InternetOpenW 768CDB09 5 Bytes JMP 00030DB0
    .text C:\Windows\system32\svchost.exe[1276] WinInet.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00030E3C
    .text C:\Windows\system32\svchost.exe[1276] WinInet.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00030EC8
    .text C:\Windows\system32\svchost.exe[1484] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text
     
  6. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    C:\Windows\system32\svchost.exe[1484] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[1484] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1484] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[1484] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[1484] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\system32\svchost.exe[1608] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[1608] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[1608] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[1608] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[1608] WS2_32.dll!bind



























    7772652F 5 Bytes JMP 00030838
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!SetUnhandledExceptionFilter 76C5A84F 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] WS2_32.dll!socket 777236D1 5 Bytes JMP 001308C4
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] WS2_32.dll!connect 777240D9 5 Bytes JMP 00130950
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] WS2_32.dll!bind 7772652F 5 Bytes JMP 00130838
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00130720
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 001307AC
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] wininet.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00130F54
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] wininet.dll!InternetConnectW 768BF862 5 Bytes JMP 00130FE0
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] wininet.dll!InternetOpenA 768CD690 5 Bytes JMP 00130D24
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] wininet.dll!InternetOpenW 768CDB09 5 Bytes JMP 00130DB0
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] wininet.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00130E3C
    .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1672] wininet.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00130EC8
    .text C:\Windows\system32\Dwm.exe[1712] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\Dwm.exe[1712] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\Dwm.exe[1712] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\Dwm.exe[1712] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\Dwm.exe[1712] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\Explorer.EXE[1756] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\Explorer.EXE[1756] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\Explorer.EXE[1756] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\Explorer.EXE[1756] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\Explorer.EXE[1756] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\Explorer.EXE[1756] WININET.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00030F54
    .text C:\Windows\Explorer.EXE[1756] WININET.dll!InternetConnectW 768BF862 5 Bytes JMP 00030FE0
    .text C:\Windows\Explorer.EXE[1756] WININET.dll!InternetOpenA 768CD690 5 Bytes JMP 00030D24
    .text C:\Windows\Explorer.EXE[1756] WININET.dll!InternetOpenW 768CDB09 5 Bytes JMP 00030DB0
    .text C:\Windows\Explorer.EXE[1756] WININET.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00030E3C
    .text C:\Windows\Explorer.EXE[1756] WININET.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00030EC8
    .text C:\Windows\system32\taskeng.exe[2060] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\taskeng.exe[2060] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\taskeng.exe[2060] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text
     
  7. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe[2076] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\svchost.exe[2120] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\svchost.exe[2120] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00030720
    .text C:\Windows\system32\svchost.exe[2120] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 000307AC
    .text C:\Windows\system32\svchost.exe[2120] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\svchost.exe[2120] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\svchost.exe[2120] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Windows\System32\svchost.exe[2148] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\System32\svchost.exe[2148] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\System32\svchost.exe[2148] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Windows\system32\SearchIndexer.exe[2172] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Windows\system32\SearchIndexer.exe[2172] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Windows\system32\SearchIndexer.exe[2172] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Windows\system32\SearchIndexer.exe[2172] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] WS2_32.dll!socket 777236D1 5 Bytes JMP 001308C4
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] WS2_32.dll!connect 777240D9 5 Bytes JMP 00130950
    .text C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe[2580] WS2_32.dll!bind 7772652F 5 Bytes JMP 00130838
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ws2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ws2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Program Files\Windows Defender\MSASCui.exe[2944] ws2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WS2_32.dll!socket 777236D1 5 Bytes JMP 001308C4
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WS2_32.dll!connect 777240D9 5 Bytes JMP 00130950
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WS2_32.dll!bind 7772652F 5 Bytes JMP 00130838
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 00130720
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 001307AC
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WININET.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00130F54
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WININET.dll!InternetConnectW 768BF862 5 Bytes JMP 00130FE0
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WININET.dll!InternetOpenA 768CD690 5 Bytes JMP 00130D24
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WININET.dll!InternetOpenW 768CDB09 5 Bytes JMP 00130DB0
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WININET.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00130E3C
    .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2956] WININET.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00130EC8
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WININET.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00130F54
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WININET.dll!InternetConnectW 768BF862 5 Bytes JMP 00130FE0
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WININET.dll!InternetOpenA 768CD690 5 Bytes JMP 00130D24
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WININET.dll!InternetOpenW 768CDB09 5 Bytes JMP 00130DB0
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WININET.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00130E3C
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WININET.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00130EC8
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WS2_32.dll!socket 777236D1 5 Bytes JMP 001308C4
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WS2_32.dll!connect 777240D9 5 Bytes JMP 00130950
    .text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3000] WS2_32.dll!bind 7772652F 5 Bytes JMP 00130838
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text
     
  8. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe[3020] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] WININET.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00130F54
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] WININET.dll!InternetConnectW 768BF862 5 Bytes JMP 00130FE0
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] WININET.dll!InternetOpenA 768CD690 5 Bytes JMP 00130D24
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] WININET.dll!InternetOpenW 768CDB09 5 Bytes JMP 00130DB0
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] WININET.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00130E3C
    .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3076] WININET.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00130EC8
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WININET.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00030F54
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WININET.dll!InternetConnectW 768BF862 5 Bytes JMP 00030FE0
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WININET.dll!InternetOpenA 768CD690 5 Bytes JMP 00030D24
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WININET.dll!InternetOpenW 768CDB09 5 Bytes JMP 00030DB0
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WININET.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00030E3C
    .text C:\Program Files\Windows Sidebar\sidebar.exe[3088] WININET.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00030EC8
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] wininet.dll!InternetConnectA 768BDEAE 5 Bytes JMP 00130F54
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] wininet.dll!InternetConnectW 768BF862 5 Bytes JMP 00130FE0
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] wininet.dll!InternetOpenA 768CD690 5 Bytes JMP 00130D24
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] wininet.dll!InternetOpenW 768CDB09 5 Bytes JMP 00130DB0
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] wininet.dll!InternetOpenUrlA 768CF3A4 5 Bytes JMP 00130E3C
    .text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[3112] wininet.dll!InternetOpenUrlW 76916D77 5 Bytes JMP 00130EC8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe[3260] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 001302C0
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00130234
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00130694
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00130090
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 001303D8
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0013034C
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 001301A8
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0013011C
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00130004
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0013057C
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 001304F0
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00130464
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00130608
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3748] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ntdll.dll!LdrLoadDll 77619390 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ntdll.dll!LdrUnloadDll 7762BA50 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!CreateProcessW 76C31BF3 5 Bytes JMP 000302C0
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!CreateProcessA 76C31C28 5 Bytes JMP 00030234
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!WriteProcessMemory 76C31CB8 5 Bytes JMP 00030694
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!VirtualProtect 76C31DC3 5 Bytes JMP 00030090
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!CreateProcessInternalW 76C553DF 5 Bytes JMP 000303D8
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!CreateProcessInternalA 76C58B8D 5 Bytes JMP 0003034C
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!VirtualProtectEx 76C5DBDA 5 Bytes JMP 000301A8
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!VirtualAllocEx 76C7ACFC 5 Bytes JMP 0003011C
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!VirtualAlloc 76C7AD55 5 Bytes JMP 00030004
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!CreateThread 76C7C90E 5 Bytes JMP 0003057C
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!CreateRemoteThread 76C7C935 5 Bytes JMP 000304F0
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!WinExec 76CC5CF7 5 Bytes JMP 00030464
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] kernel32.dll!SetThreadContext 76CC794A 5 Bytes JMP 00030608
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] USER32.dll!SetWindowsHookExA 767D6322 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] USER32.dll!SetWindowsHookExW 767D87AD 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] USER32.dll!UnhookWindowsHookEx 767D98DB 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] USER32.dll!SetWinEventHook 767D9F3A 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] USER32.dll!UnhookWinEvent 767DC06F 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!CreateServiceW 76EA9EB4 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!DeleteService 76EAA07E 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!SetServiceObjectSecurity 76EE6CD9 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!ChangeServiceConfigA 76EE6DD9 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!ChangeServiceConfigW 76EE6F81 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!ChangeServiceConfig2A 76EE7099 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!ChangeServiceConfig2W 76EE71E1 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] ADVAPI32.dll!CreateServiceA 76EE72A1 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] WS2_32.dll!socket 777236D1 5 Bytes JMP 000308C4
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] WS2_32.dll!connect 777240D9 5 Bytes JMP 00030950
    .text C:\Program Files\OpenOffice.org 3\program\soffice.bin[3756] WS2_32.dll!bind 7772652F 5 Bytes JMP 00030838

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\tdx \Device\Tcp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
    AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\tdx \Device\Udp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
    AttachedDevice \Driver\tdx \Device\RawIp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)

    ---- EOF - GMER 1.0.15 ----
     
  9. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Did all those issues start right after formatting?
    I'm not sure how freshly formatted computer could be already infected.
    I don't see anything malicious in your logs.
     
  10. maddeningloop

    maddeningloop TS Rookie Topic Starter Posts: 17

    That is reassuring. I thought that maybe my external hard drive was infected (there remains a strange folder on it). Yes, all these problems have arrived since reformatting. It's a whole load better than it was, but it's still behaving strangely. Thanks for looking, and let me know if you have any ideas. Emma
     
  11. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    I'd post your issues in Windows forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...