Inactive My laptop has virus named Win32/Zbot.G
- Thread starter zulubee
- Start date
- Status
Broni
Posts: 56,041 +516
Welcome aboard
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
- If you're stuck, or you're not sure about certain step, always ask before doing anything else.
- Please refrain from running tools or applying updates other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
log from step 3 - Malwarebytes
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6282
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
4/6/2011 1:14:53 AM
mbam-log-2011-04-06 (01-14-53).txt
Scan type: Quick scan
Objects scanned: 144474
Time elapsed: 7 minute(s), 31 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 2
Registry Keys Infected: 106
Registry Values Infected: 7
Registry Data Items Infected: 7
Folders Infected: 47
Files Infected: 48
Memory Processes Infected:
c:\documents and settings\networkservice\local settings\application data\dwe.exe (Trojan.Agent) -> 3520 -> Unloaded process successfully.
Memory Modules Infected:
c:\program files\shopperreports3\bin\3.1.22.0\shopperreports.dll (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Worm.Palevo) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Agent) -> Value: Taskman -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.1.22.0 (Adware.HotBar) -> Value: ShopperReports 3.1.22.0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E879047EB676585236A892 (Malware.Trace) -> Value: SRS_IT_E879047EB676585236A892 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\LocalService\Local Settings\Application Data\ovi.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe "C:\Documents and Settings\Administrator\Application Data\petwqlnszwufmyyvtryexcmxqn2wt3b2\csrss.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\shopperreports3 (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0 (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.
Files Infected:
c:\documents and settings\networkservice\local settings\application data\dwe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\shopperreports.dll (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\mozillaps.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\CmndFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\application data\dol.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\browserextensionff.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6282
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
4/6/2011 1:14:53 AM
mbam-log-2011-04-06 (01-14-53).txt
Scan type: Quick scan
Objects scanned: 144474
Time elapsed: 7 minute(s), 31 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 2
Registry Keys Infected: 106
Registry Values Infected: 7
Registry Data Items Infected: 7
Folders Infected: 47
Files Infected: 48
Memory Processes Infected:
c:\documents and settings\networkservice\local settings\application data\dwe.exe (Trojan.Agent) -> 3520 -> Unloaded process successfully.
Memory Modules Infected:
c:\program files\shopperreports3\bin\3.1.22.0\shopperreports.dll (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Worm.Palevo) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Agent) -> Value: Taskman -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.1.22.0 (Adware.HotBar) -> Value: ShopperReports 3.1.22.0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E879047EB676585236A892 (Malware.Trace) -> Value: SRS_IT_E879047EB676585236A892 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\LocalService\Local Settings\Application Data\ovi.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe "C:\Documents and Settings\Administrator\Application Data\petwqlnszwufmyyvtryexcmxqn2wt3b2\csrss.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\shopperreports3 (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0 (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.
Files Infected:
c:\documents and settings\networkservice\local settings\application data\dwe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\shopperreports.dll (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
c:\program files\shopperreports3\bin\3.1.22.0\mozillaps.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\CmndFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\local settings\application data\dol.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.646.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\browserextensionff.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
Step 4 - the comp got auto restrarted. PLs advice if the files are ok. I'm onto 5
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-06 02:26:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 FUJITSU_MJA2160BH_G2 rev.8919
Running: 4tc1wn6j.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwldapow.sys
---- User code sections - GMER 1.0.15 ----
? C:\WINDOWS\System32\svchost.exe[244] time/date stamp mismatch;
.text C:\WINDOWS\System32\svchost.exe[244] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E7000A
.text C:\WINDOWS\System32\svchost.exe[244] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E8000A
.text C:\WINDOWS\System32\svchost.exe[244] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00E6000C
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 02A6000A
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!WindowFromPoint 7E429766 5 Bytes JMP 02AA000A
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!GetForegroundWindow 7E429823 5 Bytes JMP 02AB000A
.text C:\WINDOWS\System32\svchost.exe[244] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 0118000A
.text C:\WINDOWS\system32\hkcmd.exe[324] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\hkcmd.exe[324] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\hkcmd.exe[324] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\hkcmd.exe[324] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
? C:\WINDOWS\system32\svchost.exe[368] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[368] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[368] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[368] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[368] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E1000A
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E2000A
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00E0000C
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00CDC790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00CE2C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
? C:\WINDOWS\system32\csrss.exe[424] time/date stamp mismatch; unknown module: CSRSRV.dll
.text C:\WINDOWS\system32\csrss.exe[424] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\csrss.exe[424] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\csrss.exe[424] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\csrss.exe[424] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\igfxpers.exe[432] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\igfxpers.exe[432] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\igfxpers.exe[432] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\igfxpers.exe[432] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-06 02:26:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 FUJITSU_MJA2160BH_G2 rev.8919
Running: 4tc1wn6j.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uwldapow.sys
---- User code sections - GMER 1.0.15 ----
? C:\WINDOWS\System32\svchost.exe[244] time/date stamp mismatch;
.text C:\WINDOWS\System32\svchost.exe[244] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E7000A
.text C:\WINDOWS\System32\svchost.exe[244] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E8000A
.text C:\WINDOWS\System32\svchost.exe[244] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00E6000C
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 02A6000A
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!WindowFromPoint 7E429766 5 Bytes JMP 02AA000A
.text C:\WINDOWS\System32\svchost.exe[244] USER32.dll!GetForegroundWindow 7E429823 5 Bytes JMP 02AB000A
.text C:\WINDOWS\System32\svchost.exe[244] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 0118000A
.text C:\WINDOWS\system32\hkcmd.exe[324] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\hkcmd.exe[324] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\hkcmd.exe[324] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\hkcmd.exe[324] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\hkcmd.exe[324] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgchsvx.exe[332] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\Java\jre6\bin\jqs.exe[336] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
? C:\WINDOWS\system32\svchost.exe[368] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[368] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[368] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[368] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[368] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[368] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[368] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgrsx.exe[380] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E1000A
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E2000A
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00E0000C
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00CDC790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[420] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00CE2C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
? C:\WINDOWS\system32\csrss.exe[424] time/date stamp mismatch; unknown module: CSRSRV.dll
.text C:\WINDOWS\system32\csrss.exe[424] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\csrss.exe[424] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\csrss.exe[424] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\csrss.exe[424] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\igfxpers.exe[432] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\igfxpers.exe[432] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\igfxpers.exe[432] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\igfxpers.exe[432] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\igfxpers.exe[432] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
cont...1
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E3000A
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E4000A
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00DE000C
.text C:\Program Files\Internet Explorer\iexplore.exe[468] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00D5C790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00D62C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0178000A
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0179000A
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 0177000C
.text C:\Program Files\Internet Explorer\iexplore.exe[552] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[552] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00D5C790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00D62C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\AESTFltr.exe[576] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\AESTFltr.exe[576] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\AESTFltr.exe[576] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\AESTFltr.exe[576] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\system32\winlogon.exe[616] time/date stamp mismatch; unknown module: WINMM.dllunknown module: MSGINA.dllunknown module: RASAPI32.dllunknown module: MPR.dllunknown module: AUTHZ.dllunknown module: NDdeApi.dllunknown module: PROFMAP.dllunknown module: SETUPAPI.dllunknown module: VERSION.dllunknown module: WINSTA.dllunknown module: WINTRUST.dll
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\winlogon.exe[616] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\IDT\WDM\sttray.exe[636] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\IDT\WDM\sttray.exe[636] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\IDT\WDM\sttray.exe[636] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\IDT\WDM\sttray.exe[636] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\system32\services.exe[704] time/date stamp mismatch; unknown module: NTDSAPI.dllunknown module: NCObjAPI.DLLunknown module: SCESRV.dllunknown module: umpnpmgr.dll
.text C:\WINDOWS\system32\services.exe[704] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\services.exe[704] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\services.exe[704] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\services.exe[704] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\lsass.exe[716] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\lsass.exe[716] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\lsass.exe[716] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\lsass.exe[716] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSASend
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[440] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E3000A
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E4000A
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00DE000C
.text C:\Program Files\Internet Explorer\iexplore.exe[468] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00D5C790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[468] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00D62C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0178000A
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0179000A
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 0177000C
.text C:\Program Files\Internet Explorer\iexplore.exe[552] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[552] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00D5C790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[552] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00D62C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Google\Google Talk\googletalk.exe[572] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\AESTFltr.exe[576] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\AESTFltr.exe[576] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\AESTFltr.exe[576] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\AESTFltr.exe[576] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\AESTFltr.exe[576] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\system32\winlogon.exe[616] time/date stamp mismatch; unknown module: WINMM.dllunknown module: MSGINA.dllunknown module: RASAPI32.dllunknown module: MPR.dllunknown module: AUTHZ.dllunknown module: NDdeApi.dllunknown module: PROFMAP.dllunknown module: SETUPAPI.dllunknown module: VERSION.dllunknown module: WINSTA.dllunknown module: WINTRUST.dll
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\winlogon.exe[616] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\winlogon.exe[616] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\winlogon.exe[616] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\PROGRA~1\AVG\AVG9\avgtray.exe[628] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\IDT\WDM\sttray.exe[636] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\IDT\WDM\sttray.exe[636] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\IDT\WDM\sttray.exe[636] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\IDT\WDM\sttray.exe[636] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\IDT\WDM\sttray.exe[636] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\system32\services.exe[704] time/date stamp mismatch; unknown module: NTDSAPI.dllunknown module: NCObjAPI.DLLunknown module: SCESRV.dllunknown module: umpnpmgr.dll
.text C:\WINDOWS\system32\services.exe[704] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\services.exe[704] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\services.exe[704] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\services.exe[704] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\services.exe[704] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\services.exe[704] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\lsass.exe[716] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\lsass.exe[716] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\lsass.exe[716] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\lsass.exe[716] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSASend
cont ...2
71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\system32\svchost.exe[812] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[812] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[812] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[812] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[812] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\DllHost.exe[892] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\DllHost.exe[892] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\DllHost.exe[892] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\DllHost.exe[892] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
? C:\WINDOWS\system32\svchost.exe[1028] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\svchost.exe[1028] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
? C:\WINDOWS\Explorer.EXE[1492] time/date stamp mismatch; unknown module: WINMM.dllunknown module: SETUPAPI.dllunknown module: WINSTA.dllunknown module: OLEACC.dllunknown module: BROWSEUI.dllunknown module: OLEAUT32.dllunknown module: SHDOCVW.dllunknown module: UxTheme.dll
.text C:\WINDOWS\Explorer.EXE[1492] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00C1000A
.text C:\WINDOWS\Explorer.EXE[1492] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00C2000A
.text C:\WINDOWS\Explorer.EXE[1492] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00B7000C
.text C:\WINDOWS\Explorer.EXE[1492] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\spoolsv.exe[1648] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\spoolsv.exe[1648] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\spoolsv.exe[1648] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\spoolsv.exe[1648] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\lsass.exe[716] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\lsass.exe[716] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\system32\svchost.exe[812] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[812] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[812] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[812] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[812] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[812] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[812] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgcsrvx.exe[828] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE[840] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\WINDOWS\system32\DllHost.exe[892] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\DllHost.exe[892] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\DllHost.exe[892] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\DllHost.exe[892] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\DllHost.exe[892] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
? C:\WINDOWS\system32\svchost.exe[1028] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\svchost.exe[1028] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\svchost.exe[1028] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\svchost.exe[1028] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\igfxsrvc.exe[1376] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
? C:\WINDOWS\Explorer.EXE[1492] time/date stamp mismatch; unknown module: WINMM.dllunknown module: SETUPAPI.dllunknown module: WINSTA.dllunknown module: OLEACC.dllunknown module: BROWSEUI.dllunknown module: OLEAUT32.dllunknown module: SHDOCVW.dllunknown module: UxTheme.dll
.text C:\WINDOWS\Explorer.EXE[1492] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00C1000A
.text C:\WINDOWS\Explorer.EXE[1492] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00C2000A
.text C:\WINDOWS\Explorer.EXE[1492] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00B7000C
.text C:\WINDOWS\Explorer.EXE[1492] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Java\jre6\bin\jusched.exe[1616] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\spoolsv.exe[1648] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\spoolsv.exe[1648] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\spoolsv.exe[1648] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\spoolsv.exe[1648] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
cont .... 3
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00EB000A
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00EC000A
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00EA000C
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00D5C790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00D62C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
? C:\WINDOWS\system32\svchost.exe[1852] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[1852] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[1852] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[1852] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[1852] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\System32\smss.exe[1964] time/date stamp mismatch;
? C:\WINDOWS\system32\svchost.exe[2028] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[2028] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Messenger\msmsgs.exe[2380] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Messenger\msmsgs.exe[2380] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Messenger\msmsgs.exe[2380] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Messenger\msmsgs.exe[2380] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\spoolsv.exe[1648] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00EB000A
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00EC000A
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00EA000C
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00D5C790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[1812] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00D62C50 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
? C:\WINDOWS\system32\svchost.exe[1852] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[1852] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[1852] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[1852] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[1852] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[1852] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[1852] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1872] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
? C:\WINDOWS\System32\smss.exe[1964] time/date stamp mismatch;
? C:\WINDOWS\system32\svchost.exe[2028] time/date stamp mismatch;
.text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\svchost.exe[2028] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\svchost.exe[2028] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\svchost.exe[2028] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\WINDOWS\system32\svchost.exe[2028] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2164] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2324] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[2356] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Messenger\msmsgs.exe[2380] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Messenger\msmsgs.exe[2380] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Messenger\msmsgs.exe[2380] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Messenger\msmsgs.exe[2380] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
cont ... 4
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
? C:\WINDOWS\System32\svchost.exe[3232] time/date stamp mismatch;
.text C:\WINDOWS\System32\svchost.exe[3232] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\System32\svchost.exe[3232] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\System32\svchost.exe[3232] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\System32\svchost.exe[3232] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestExA
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\Messenger\msmsgs.exe[2380] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Messenger\msmsgs.exe[2380] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2444] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe[2472] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\AskBarDis\bar\bin\AskService.exe[2584] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Automatic Update\AutoUpdate.exe[2644] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\3M\PSNLite\PsnLite.exe[3108] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe[3180] ws2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
? C:\WINDOWS\System32\svchost.exe[3232] time/date stamp mismatch;
.text C:\WINDOWS\System32\svchost.exe[3232] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\System32\svchost.exe[3232] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\System32\svchost.exe[3232] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\System32\svchost.exe[3232] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\System32\svchost.exe[3232] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2001D423
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2001D74D
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2001DA66
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2001D3D5
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2001D8AA
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2001D6DE
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2001D7C2
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2001D985
.text C:\WINDOWS\System32\svchost.exe[3232] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2001D833
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestExA
cont ....5
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] user32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\wscntfy.exe[3708] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\wscntfy.exe[3708] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\wscntfy.exe[3708] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\wscntfy.exe[3708] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\wdfmgr.exe[3716] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\wdfmgr.exe[3716] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\wdfmgr.exe[3716] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\wdfmgr.exe[3716] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] user32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0132000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0133000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 012E000C
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 05944D20 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 05944EA0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B15 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD16D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 059444A0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 05944600 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00CDC790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBC8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E53B0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 012B000A
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 012C000A
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 012A000C
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 053F4D20 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 053F4EA0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B15 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD16D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 053F44A0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 053F4600 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00CDC790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBC8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ole32.dll!OleLoadFromStream
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!sendto 71AB2F51 5 Bytes JMP 2004D423
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!recvfrom 71AB2FF7 5 Bytes JMP 2004D74D
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 2004DA66
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!send 71AB4C27 5 Bytes JMP 2004D3D5
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSARecv 71AB4CB5 5 Bytes JMP 2004D8AA
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!recv 71AB676F 5 Bytes JMP 2004D6DE
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSASend 71AB68FA 5 Bytes JMP 2004D7C2
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSARecvFrom 71ABF66A 5 Bytes JMP 2004D985
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WS2_32.dll!WSASendTo 71AC0AAD 5 Bytes JMP 2004D833
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] user32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgnsx.exe[3536] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Automatic Update\AutoUpdateGUI.exe[3616] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\wscntfy.exe[3708] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\WINDOWS\system32\wscntfy.exe[3708] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\WINDOWS\system32\wscntfy.exe[3708] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\WINDOWS\system32\wscntfy.exe[3708] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\WINDOWS\system32\wscntfy.exe[3708] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\WINDOWS\system32\wdfmgr.exe[3716] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\WINDOWS\system32\wdfmgr.exe[3716] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\WINDOWS\system32\wdfmgr.exe[3716] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\WINDOWS\system32\wdfmgr.exe[3716] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\WINDOWS\system32\wdfmgr.exe[3716] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] user32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Program Files\AVG\AVG9\avgam.exe[3756] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2001FF3F
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20017A40
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2001FDBB
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2001C9AD
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2001EAD7
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2001E132
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2001E7B8
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2001EB92
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2001E0D3
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2001EBBF
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2001E09E
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2001EBEC
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2001E9BC
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2001E915
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2001E105
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2001EC13
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\AVG\AVG9\avgwdsvc.exe[3928] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0132000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0133000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 012E000C
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 05944D20 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 05944EA0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B15 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD16D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 059444A0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 05944600 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00CDC790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBC8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4284] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E53B0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] ntdll.dll!NtResumeThread 7C90DB3E 5 Bytes JMP 20047A40
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 2004FDBB
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetReadFile 3D94654B 5 Bytes JMP 2004EAD7
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetCloseHandle 3D949088 5 Bytes JMP 2004E132
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetQueryDataAvailable 3D94BF83 5 Bytes JMP 2004E7B8
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 2004EB92
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 2004E0D3
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpOpenRequestW 3D94FBFB 5 Bytes JMP 2004EBBF
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 2004E09E
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetOpenUrlA 3D95F3A4 5 Bytes JMP 2004EBEC
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetReadFileExW 3D963349 5 Bytes JMP 2004E9BC
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetReadFileExA 3D963381 5 Bytes JMP 2004E915
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetWriteFile 3D9A608E 5 Bytes JMP 2004E105
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!InternetOpenUrlW 3D9A6D77 5 Bytes JMP 2004EC13
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestExA 3D9BA666 5 Bytes JMP 2004E058
.text C:\Documents and Settings\Administrator\Desktop\4tc1wn6j.exe[4556] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2004E012
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 012B000A
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 012C000A
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 012A000C
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!TranslateMessage 7E418BF6 5 Bytes JMP 2004C9AD
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 053F4D20 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 053F4EA0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9B15 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD16D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 053F44A0 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 053F4600 C:\Program Files\Vuze_Remote\tbVuz1.dll (Conduit Toolbar/Conduit Ltd.)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] SHLWAPI.dll!SHCreateStreamOnFileA + 2066 77FC22BC 5 Bytes JMP 00CDC790 C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (IEHelper/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBC8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5828] ole32.dll!OleLoadFromStream
cont ... 6 -
3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
7752981B 5 Bytes JMP 3E3E53B0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
167414 bytes executable
3D9BA666 5 Bytes JMP 2001E058
.text C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe[3424] WININET.dll!HttpSendRequestExW 3D9BA6BF 5 Bytes JMP 2001E012
.text C:\PROGRA~1\3M\PSNLite\PSNGive.exe[3532] ntdll.dll!NtQueryDirectoryFile 7C90D76E 5 Bytes JMP 2004FF3F
7752981B 5 Bytes JMP 3E3E53B0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\WINDOWS\Explorer.EXE[1492] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10026210] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
167414 bytes executable
cont .... 7 . point no 4 done. pls advice is its ok.
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8A86F41F
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8A86F41F
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskFUJITSU_MJA2160BH_G2____________________8919____#394b4e3439543235453547352020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Files - GMER 1.0.15 ----
File C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\mdsiqaxb.exe 167414 bytes executable
File C:\Program Files\ewbvgark\mdsiqaxb.exe 167414 bytes executable
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10061080] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10060F60] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [10026260] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\PC Tools Security\BDT\FGuard.exe[2212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [100262C0] C:\Program Files\PC Tools Security\BDT\FGuardHks.dll (Browser Defender Social On Disk/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0365A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0365A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0365A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0374AB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0374AC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0300A9B0] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0300A950] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0300A900] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [030FAB68] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5828] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [030FAC88] C:\WINDOWS\PCTBDCore.dll (Browser Defender Core/Threat Expert Ltd.)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8A86F41F
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8A86F41F
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskFUJITSU_MJA2160BH_G2____________________8919____#394b4e3439543235453547352020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- Files - GMER 1.0.15 ----
File C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\mdsiqaxb.exe 167414 bytes executable
File C:\Program Files\ewbvgark\mdsiqaxb.exe 167414 bytes executable
dds.txt ... 1
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 3:16:40.06 on Wed 04/06/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.982 [GMT 0:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Automatic Update\AutoUpdate.exe
C:\Program Files\Automatic Update\AutoUpdateGUI.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 3:16:40.06 on Wed 04/06/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.982 [GMT 0:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Automatic Update\AutoUpdate.exe
C:\Program Files\Automatic Update\AutoUpdateGUI.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
dds.txt ....2
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://techspot.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuz1.dll
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\ewbvgark\mdsiqaxb.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuz1.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuz1.dll
TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [2B5BEEEC4E692BCD] c:\winntse.bin\winntse.bin.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\post-i~1.lnk - c:\program files\3m\psnlite\PsnLite.exe
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://techspot.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuz1.dll
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\ewbvgark\mdsiqaxb.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuz1.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuz1.dll
TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [2B5BEEEC4E692BCD] c:\winntse.bin\winntse.bin.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\post-i~1.lnk - c:\program files\3m\psnlite\PsnLite.exe
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
dds.txt ....3
Trusted Zone: amadeus.com\diagnostic
Trusted Zone: amadeus.net\diagnostic.1a
Trusted Zone: amadeuscruise.com\*
Trusted Zone: amadeusferry.com\*
Trusted Zone: amadeusproweb.com\*
Trusted Zone: amadeusvista.com
Trusted Zone: amadeusvista.com\*
Trusted Zone: amadeus.com\content
Trusted Zone: amadeus.net\content.1a
Trusted Zone: amadeuscruise.com\*
Trusted Zone: amadeusferry.com\*
Trusted Zone: amadeusproweb.com
Trusted Zone: amadeusproweb.com\*
Trusted Zone: amadeusvista.com
Trusted Zone: amadeusvista.com\*
Trusted Zone: amadeusvista.com\Muc.http.farm6.software
Trusted Zone: amadeusvista.com\Muc.http.farm8.software
Trusted Zone: amadeusvista.com\Muc.https.farm11.software
Trusted Zone: amadeusvista.com\Muc.https.farm5.software
DPF: {051FE707-9706-11D5-A836-000102A7C938} -
Trusted Zone: amadeus.com\diagnostic
Trusted Zone: amadeus.net\diagnostic.1a
Trusted Zone: amadeuscruise.com\*
Trusted Zone: amadeusferry.com\*
Trusted Zone: amadeusproweb.com\*
Trusted Zone: amadeusvista.com
Trusted Zone: amadeusvista.com\*
Trusted Zone: amadeus.com\content
Trusted Zone: amadeus.net\content.1a
Trusted Zone: amadeuscruise.com\*
Trusted Zone: amadeusferry.com\*
Trusted Zone: amadeusproweb.com
Trusted Zone: amadeusproweb.com\*
Trusted Zone: amadeusvista.com
Trusted Zone: amadeusvista.com\*
Trusted Zone: amadeusvista.com\Muc.http.farm6.software
Trusted Zone: amadeusvista.com\Muc.http.farm8.software
Trusted Zone: amadeusvista.com\Muc.https.farm11.software
Trusted Zone: amadeusvista.com\Muc.https.farm5.software
DPF: {051FE707-9706-11D5-A836-000102A7C938} -
- Status
Similar threads
Latest posts
-
New Affordable AMD B650 Motherboard Roundup- Loadedaxe replied
-
Sony's Ghost of Tsushima brings familiar PlayStation features to PC- WhiteLeaff replied
