MBR: \\.\PHYSICALDRIVE0 please help

pips13
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

#1 Post by pips13 »

Hello,

I have MBR: \\.\PHYSICALDRIVE0 on my PC and I don't know how to remove it; avast can't deal with it. And I have no idea at all. Please advise ...

Thanks
... One learns from mistakes ...

#2 Post by pips13 »

Please help, I read something here about some kind of log, but I have no idea how. I'm a complete amateur when it comes to viruses and programs.

#3 Post by pips13 »

Code:

MBRScan v1.0.1

OS        : Windows XP Home Service Pack 2 (32 bit)
PROCESSOR : x86 Family 15 Model 4 Stepping 9, GenuineIntel
BOOT      : Normal Boot

================================================================================

\Device\Harddisk0\DR0     	149 Go	 [Fixed]  ==> Unknown MBR Code

MBR_MD5   : F6A44B3F4E9ACEB4F5712898CFE0CB77
MBR_SHA-1 : 96475EBC438A5C8CA9468FFCCEAA9E0C546ABB0B

\Device\Harddisk0\Partition1	149 Go	 [Fixed]  0x07 NTFS / HPFS ___ BOOTABLE ___

================================================================================


_______MBR   \Device\Harddisk0\DR0  


#4 Post by pips13 »

aswMBR version 0.9.9.1124 Copyright(c) 2011 AVAST Software
Run date: 2012-01-01 13:06:55
-----------------------------
13:06:55.625 OS Version: Windows 5.1.2600 Service Pack 2
13:06:55.625 Number of processors: 2 586 0x409
13:06:55.625 ComputerName: PETR UserName: pc
13:06:56.359 Initialize success
13:06:56.953 AVAST engine defs: 12010100
13:07:51.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:07:51.453 Disk 0 Vendor: WDC_WD1600JS-22NCB1 10.02E02 Size: 152626MB BusType: 3
13:07:51.453 Device \Driver\atapi -> MajorFunction 89e541f8
13:07:51.484 Disk 0 MBR read successfully
13:07:51.484 Disk 0 MBR scan
13:07:51.546 Disk 0 MBR:Whistler-C [Rtk]
13:07:51.546 Disk 0 Whistler@MBR code has been found
13:07:51.546 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
13:07:51.546 Disk 0 MBR [Whistler] **ROOTKIT**
13:07:51.593 Disk 0 scanning C:\WINDOWS\system32\drivers
13:08:03.562 Service scanning
13:08:04.078 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
13:08:04.625 Modules scanning
13:08:11.546 Disk 0 trace - called modules:
13:08:11.562 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys >>UNKNOWN [0x89e50828]<<
13:08:11.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d8aab8]
13:08:11.578 3 CLASSPNP.SYS[ba0e905b] -> nt!IofCallDriver -> \Device\00000075[0x89d0b9e8]
13:08:11.578 5 ACPI.sys[b9e67620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89d8e940]
13:08:11.578 \Driver\atapi[0x89dba460] -> IRP_MJ_CREATE -> 0x89e541f8
13:08:11.984 AVAST engine scan C:\WINDOWS
13:08:18.390 AVAST engine scan C:\WINDOWS\system32
13:10:04.343 AVAST engine scan C:\WINDOWS\system32\drivers
13:10:17.968 AVAST engine scan C:\Documents and Settings\pc
13:10:44.421 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pc\Plocha\MBR.dat"
13:10:44.421 The log file has been saved successfully to "C:\Documents and Settings\pc\Plocha\aswMBR.txt"

#5 Post by pips13 »

It is a desktop PC.

The PC was bought as a complete unit, directly in a shop.

#6 Post by pips13 »

MBR
Attachments
MBR.rar
MBR
(480 bytes) Downloaded 45 times

#7 Post by pips13 »

DUMP
Attachments
Dump_DR0.rar
DUMP
(485 bytes) Downloaded 34 times

#8 Post by pips13 »

aswMBR version 0.9.9.1124 Copyright(c) 2011 AVAST Software
Run date: 2012-01-01 13:26:16
-----------------------------
13:26:16.953 OS Version: Windows 5.1.2600 Service Pack 2
13:26:16.953 Number of processors: 2 586 0x409
13:26:16.953 ComputerName: PETR UserName: pc
13:26:17.453 Initialize success
13:26:17.578 AVAST engine defs: 12010100
13:29:07.546 Verifying
13:29:17.562 Disk 0 Windows 501 MBR fixed successfully
13:29:32.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:29:32.250 Disk 0 Vendor: WDC_WD1600JS-22NCB1 10.02E02 Size: 152626MB BusType: 3
13:29:32.250 Device \Driver\atapi -> MajorFunction 89e541f8
13:29:32.265 Disk 0 MBR read successfully
13:29:32.265 Disk 0 MBR scan
13:29:32.281 Disk 0 Windows XP default MBR code
13:29:32.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
13:29:32.281 Disk 0 scanning sectors +312560640
13:29:32.406 Disk 0 scanning C:\WINDOWS\system32\drivers
13:29:44.015 Service scanning
13:29:44.609 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
13:29:45.171 Modules scanning
13:29:54.437 Disk 0 trace - called modules:
13:29:54.437
13:29:54.921 AVAST engine scan C:\WINDOWS
13:30:04.625 AVAST engine scan C:\WINDOWS\system32
13:32:08.328 AVAST engine scan C:\WINDOWS\system32\drivers
13:32:28.000 AVAST engine scan C:\Documents and Settings\pc
13:35:18.015 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pc\Plocha\MBR.dat"
13:35:18.015 The log file has been saved successfully to "C:\Documents and Settings\pc\Plocha\aswMBR2.txt"
13:36:07.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pc\Plocha\MBR.dat"
13:36:07.312 The log file has been saved successfully to "C:\Documents and Settings\pc\Plocha\aswMBR2.txt"

#9 Post by pips13 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by pc at 2012-01-01 13:41:24
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 42 GB (28%) free of 153 GB
Total RAM: 2047 MB (64% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\pc\Data aplikací\Mozilla\Firefox\Profiles\nisle19a.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.4, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16, Office2007Black@JBBS:1.5.6"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
AskSearch.js
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
install.rdf
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
npqtplugin.dll
nsiqtscriptableplugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\pc\Data aplikací\Mozilla\Firefox\Profiles\nisle19a.default\extensions\
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}

C:\Documents and Settings\pc\Data aplikací\Mozilla\Firefox\Profiles\nisle19a.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-10-03 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - BearShare MediaBar - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll []
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-06-01 86016]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-18 16207872]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-03-21 91432]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2007-05-31 61440]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Media Key.lnk - C:\Program Files\Media Key\MagicKey.exe

C:\Documents and Settings\pc\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007 (2).lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-12-15 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\pc\Plocha\Call of Duty\CoDMP.exe"="C:\Documents and Settings\pc\Plocha\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\Program Files\EA Games\Medal of Honor Pacific Assault(tm)\mohpa.exe"="C:\Program Files\EA Games\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\THQ\Pandemic Studios\Full Spectrum Warrior\launcher.exe"="C:\Program Files\THQ\Pandemic Studios\Full Spectrum Warrior\launcher.exe:*:Enabled:launcher"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Disabled:QIP Infium"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX00.172\StrongDC.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX00.172\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX00.062\StrongDC.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX00.062\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX05.265\StrongDC.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX05.265\StrongDC.exe:*:Disabled:StrongDC++"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX00.547\StrongDC.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX00.547\StrongDC.exe:*:Disabled:StrongDC++"
"C:\Program Files\StrongDC.exe"="C:\Program Files\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Counter Strike 1.6\hl.exe"="C:\Program Files\Counter Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX04.281\StrongDC.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX04.281\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX71.125\StrongDC.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX71.125\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Documents and Settings\pc\Dokumenty\2003\StrongDC.exe"="C:\Documents and Settings\pc\Dokumenty\2003\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Documents and Settings\pc\Dokumenty\Strong dc ++\StrongDC.exe"="C:\Documents and Settings\pc\Dokumenty\Strong dc ++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\EA Games\Battlefield 1942\BF1942.exe"="C:\Program Files\EA Games\Battlefield 1942\BF1942.exe:*:Enabled:BF1942"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Program Files\Panzer Elite Action\Panzer Elite Action\pea.exe"="C:\Program Files\Panzer Elite Action\Panzer Elite Action\pea.exe:*:Enabled:Panzer Elite Action"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Metin2_CZ\mc.exe"="C:\Program Files\Metin2_CZ\mc.exe:*:Enabled:mc"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\pc\Plocha\Mt2-coolczech\mc.exe"="C:\Documents and Settings\pc\Plocha\Mt2-coolczech\mc.exe:*:Enabled:mc"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Disabled:metin2client"
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe"="C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe:*:Disabled:BlackOps"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.wmv3"=wmv9vcm.dll
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-01-01 13:41:25 ----D---- C:\Program Files\trend micro
2012-01-01 13:41:24 ----D---- C:\rsit
2011-12-09 14:31:37 ----D---- C:\Documents and Settings\pc\Data aplikací\Broad Intelligence

======List of files/folders modified in the last 1 month======

2012-01-01 13:41:25 ----RD---- C:\Program Files
2012-01-01 13:41:22 ----D---- C:\WINDOWS\Prefetch
2012-01-01 13:08:09 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-01 12:18:25 ----D---- C:\WINDOWS
2012-01-01 12:14:01 ----D---- C:\WINDOWS\Temp
2012-01-01 11:56:47 ----A---- C:\WINDOWS\win.ini
2011-12-31 21:03:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-30 17:11:47 ----D---- C:\Program Files\Mozilla Firefox
2011-12-28 14:25:57 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-12-27 18:17:04 ----D---- C:\WINDOWS\Minidump
2011-12-27 18:17:04 ----D---- C:\WINDOWS\Debug
2011-12-19 19:10:17 ----D---- C:\Documents and Settings\pc\Data aplikací\Skype
2011-12-19 14:32:56 ----SHD---- C:\WINDOWS\Installer
2011-12-19 14:32:46 ----RD---- C:\Program Files\Skype
2011-12-19 14:32:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-12-16 19:30:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-12-16 19:28:16 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-10 13:08:52 ----D---- C:\WINDOWS\system32
2011-12-09 14:00:51 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-10-07 115744]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\system32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\system32\drivers\sfhlp02.sys [2006-05-10 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\system32\drivers\sfsync04.sys [2006-05-10 52224]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-08-29 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2002-07-11 12856]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-10-07 80576]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-28 9291]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-06-04 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-06-04 18048]
R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2007-07-19 16384]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2007-07-20 9856]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-16 4275712]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-06-19 81792]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2005-04-12 17632]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 anzm7v3o;anzm7v3o; C:\WINDOWS\system32\drivers\anzm7v3o.sys []
S3 aols812t;aols812t; C:\WINDOWS\system32\drivers\aols812t.sys []
S3 aswMBR;aswMBR; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\aswMBR.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 cusbohcn;cusbohcn; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\cusbohcn.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-10 25280]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2008-12-25 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2008-12-25 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2008-12-25 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2008-12-25 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\k510obex.sys [2008-12-25 83344]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-12-22 47360]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2011-10-03 161664]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-01 155715]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-02-08 66872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-18 136176]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-18 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
... One learns from mistakes ...

pips13
Visitor
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

Re: MBR: \\.\PHYSICALDRIVE0 please help

#10 Post by pips13 »

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-09-30.01)
.
Systém Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 16.8.2008 18:22:37
System Uptime: 1.1.2012 11:47:36 (3 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | 8I945PLGE-RH
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 775 | 3014/200mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 775 | 3014/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 42,124 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is CDROM ()
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description: SCSI/RAID Host Controller
Device ID: ACPI\PNPA000\4&5D18F2DF&1
Manufacturer:
Name: SCSI/RAID Host Controller
PNP Device ID: ACPI\PNPA000\4&5D18F2DF&1
Service: anzm7v3o
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: Jednotka CD-ROM
Device ID: SCSI\CDROM&VEN_BMHMBE&PROD_BGPERW9ARK&REV_1.03\5&36E5972&0&000
Manufacturer: (Standardní jednotky CD-ROM)
Name: BMHMBE BGPERW9ARK SCSI CdRom Device
PNP Device ID: SCSI\CDROM&VEN_BMHMBE&PROD_BGPERW9ARK&REV_1.03\5&36E5972&0&000
Service: cdrom
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 5200
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 5200
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP790: 2.10.2011 18:09:04 - Kontrolní bod systému
RP791: 3.10.2011 15:12:23 - Installed Java(TM) SE Development Kit 7
RP792: 3.10.2011 15:13:20 - Installed Java(TM) 7
RP793: 4.10.2011 19:06:59 - Kontrolní bod systému
RP794: 6.10.2011 10:23:49 - Kontrolní bod systému
RP795: 7.10.2011 11:22:27 - Kontrolní bod systému
RP796: 8.10.2011 12:46:07 - Kontrolní bod systému
RP797: 9.10.2011 16:40:59 - Kontrolní bod systému
RP798: 11.10.2011 8:36:48 - Kontrolní bod systému
RP799: 13.10.2011 11:02:17 - Kontrolní bod systému
RP800: 14.10.2011 15:06:42 - Software Distribution Service 3.0
RP801: 15.10.2011 16:39:12 - Kontrolní bod systému
RP802: 17.10.2011 11:42:03 - Kontrolní bod systému
RP803: 18.10.2011 13:48:26 - Kontrolní bod systému
RP804: 21.10.2011 7:42:18 - Kontrolní bod systému
RP805: 22.10.2011 16:28:43 - Kontrolní bod systému
RP806: 23.10.2011 17:35:43 - Kontrolní bod systému
RP807: 25.10.2011 15:37:51 - Kontrolní bod systému
RP808: 26.10.2011 16:42:09 - Kontrolní bod systému
RP809: 28.10.2011 15:01:30 - Removed Call of Duty(R) 2
RP810: 31.10.2011 9:37:14 - Kontrolní bod systému
RP811: 1.11.2011 16:57:28 - Kontrolní bod systému
RP812: 3.11.2011 10:57:50 - Kontrolní bod systému
RP813: 4.11.2011 13:50:08 - Kontrolní bod systému
RP814: 5.11.2011 14:00:39 - Kontrolní bod systému
RP815: 6.11.2011 16:58:17 - Kontrolní bod systému
RP816: 7.11.2011 18:11:20 - Kontrolní bod systému
RP817: 9.11.2011 13:52:58 - Kontrolní bod systému
RP818: 10.11.2011 7:55:25 - Software Distribution Service 3.0
RP819: 11.11.2011 11:15:19 - Kontrolní bod systému
RP820: 12.11.2011 17:00:24 - Kontrolní bod systému
RP821: 14.11.2011 12:29:12 - Kontrolní bod systému
RP822: 17.11.2011 14:49:49 - Kontrolní bod systému
RP823: 18.11.2011 16:55:23 - Kontrolní bod systému
RP824: 19.11.2011 18:00:37 - Kontrolní bod systému
RP825: 21.11.2011 16:37:21 - Kontrolní bod systému
RP826: 22.11.2011 14:57:02 - Removed Far Cry 2
RP827: 23.11.2011 16:11:27 - Kontrolní bod systému
RP828: 25.11.2011 12:35:20 - Kontrolní bod systému
RP829: 26.11.2011 13:16:44 - Kontrolní bod systému
RP830: 27.11.2011 13:40:53 - Kontrolní bod systému
RP831: 28.11.2011 13:58:00 - Kontrolní bod systému
RP832: 29.11.2011 14:21:47 - Kontrolní bod systému
RP833: 30.11.2011 14:34:11 - Kontrolní bod systému
RP834: 2.12.2011 19:47:38 - Kontrolní bod systému
RP835: 4.12.2011 13:03:58 - Kontrolní bod systému
RP836: 6.12.2011 10:21:32 - Kontrolní bod systému
RP837: 7.12.2011 10:58:55 - Kontrolní bod systému
RP838: 8.12.2011 11:23:05 - Kontrolní bod systému
RP839: 9.12.2011 12:34:03 - Kontrolní bod systému
RP840: 10.12.2011 14:12:06 - Kontrolní bod systému
RP841: 11.12.2011 15:04:54 - Kontrolní bod systému
RP842: 13.12.2011 18:28:14 - Kontrolní bod systému
RP843: 15.12.2011 10:20:50 - Kontrolní bod systému
RP844: 16.12.2011 13:31:18 - Kontrolní bod systému
RP845: 16.12.2011 19:25:01 - Software Distribution Service 3.0
RP846: 18.12.2011 16:13:48 - Kontrolní bod systému
RP847: 19.12.2011 17:15:21 - Kontrolní bod systému
RP848: 21.12.2011 17:36:49 - Kontrolní bod systému
RP849: 23.12.2011 15:40:00 - Kontrolní bod systému
RP850: 25.12.2011 12:36:39 - Kontrolní bod systému
RP851: 27.12.2011 15:59:29 - Kontrolní bod systému
RP852: 28.12.2011 17:12:15 - Kontrolní bod systému
RP853: 29.12.2011 18:10:30 - Kontrolní bod systému
RP854: 30.12.2011 19:07:05 - Kontrolní bod systému
.
==== Image File Execution Options =============
.
IFEO: Your Image File Name Here without a path - ntsd -d
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Shockwave Player 11.6
Aktualizace systému Windows XP (KB894391)
Aktualizace systému Windows XP (KB898461)
Aktualizace systému Windows XP (KB900485)
Aktualizace systému Windows XP (KB908531)
Aktualizace systému Windows XP (KB910437)
Aktualizace systému Windows XP (KB911280)
Aktualizace systému Windows XP (KB916595)
Aktualizace systému Windows XP (KB920872)
Aktualizace systému Windows XP (KB922582)
Aktualizace systému Windows XP (KB925720)
Aktualizace systému Windows XP (KB927891)
Aktualizace systému Windows XP (KB930916)
Aktualizace systému Windows XP (KB932823-v3)
Aktualizace systému Windows XP (KB936357)
Aktualizace systému Windows XP (KB938828)
Aktualizace systému Windows XP (KB951072-v2)
Aktualizace systému Windows XP (KB955759)
Aktualizace systému Windows XP (KB955839)
Aktualizace systému Windows XP (KB967715)
Aktualizace systému Windows XP (KB968389)
Aktualizace systému Windows XP (KB971737)
Aktualizace systému Windows XP (KB973687)
Aktualizace systému Windows XP (KB973815)
Aktualizace zabezpečení aplikace Windows Media Player (KB911564)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)
Aktualizace zabezpečení aplikace Windows Media Player 10 (KB936782)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)
Aktualizace zabezpečení aplikace Windows Media Player 6.4 (KB925398)
Aktualizace zabezpečení produktu Windows XP (KB923689)
Aktualizace zabezpečení produktu Windows XP (KB941569)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB960714)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB961260)
Aktualizace zabezpečení systému Windows XP (KB2229593)
Aktualizace zabezpečení systému Windows XP (KB890046)
Aktualizace zabezpečení systému Windows XP (KB893756)
Aktualizace zabezpečení systému Windows XP (KB896358)
Aktualizace zabezpečení systému Windows XP (KB896423)
Aktualizace zabezpečení systému Windows XP (KB896428)
Aktualizace zabezpečení systému Windows XP (KB899587)
Aktualizace zabezpečení systému Windows XP (KB899591)
Aktualizace zabezpečení systému Windows XP (KB900725)
Aktualizace zabezpečení systému Windows XP (KB901017)
Aktualizace zabezpečení systému Windows XP (KB901214)
Aktualizace zabezpečení systému Windows XP (KB902400)
Aktualizace zabezpečení systému Windows XP (KB905414)
Aktualizace zabezpečení systému Windows XP (KB905749)
Aktualizace zabezpečení systému Windows XP (KB908519)
Aktualizace zabezpečení systému Windows XP (KB911562)
Aktualizace zabezpečení systému Windows XP (KB911927)
Aktualizace zabezpečení systému Windows XP (KB913580)
Aktualizace zabezpečení systému Windows XP (KB914388)
Aktualizace zabezpečení systému Windows XP (KB914389)
Aktualizace zabezpečení systému Windows XP (KB918118)
Aktualizace zabezpečení systému Windows XP (KB918439)
Aktualizace zabezpečení systému Windows XP (KB920213)
Aktualizace zabezpečení systému Windows XP (KB920670)
Aktualizace zabezpečení systému Windows XP (KB920683)
Aktualizace zabezpečení systému Windows XP (KB920685)
Aktualizace zabezpečení systému Windows XP (KB923191)
Aktualizace zabezpečení systému Windows XP (KB923561)
Aktualizace zabezpečení systému Windows XP (KB923789)
Aktualizace zabezpečení systému Windows XP (KB923980)
Aktualizace zabezpečení systému Windows XP (KB924270)
Aktualizace zabezpečení systému Windows XP (KB924667)
Aktualizace zabezpečení systému Windows XP (KB925902)
Aktualizace zabezpečení systému Windows XP (KB926255)
Aktualizace zabezpečení systému Windows XP (KB926436)
Aktualizace zabezpečení systému Windows XP (KB927779)
Aktualizace zabezpečení systému Windows XP (KB927802)
Aktualizace zabezpečení systému Windows XP (KB928255)
Aktualizace zabezpečení systému Windows XP (KB929123)
Aktualizace zabezpečení systému Windows XP (KB930178)
Aktualizace zabezpečení systému Windows XP (KB931261)
Aktualizace zabezpečení systému Windows XP (KB932168)
Aktualizace zabezpečení systému Windows XP (KB933729)
Aktualizace zabezpečení systému Windows XP (KB935839)
Aktualizace zabezpečení systému Windows XP (KB935840)
Aktualizace zabezpečení systému Windows XP (KB937894)
Aktualizace zabezpečení systému Windows XP (KB938464)
Aktualizace zabezpečení systému Windows XP (KB943055)
Aktualizace zabezpečení systému Windows XP (KB943460)
Aktualizace zabezpečení systému Windows XP (KB943485)
Aktualizace zabezpečení systému Windows XP (KB944338-v2)
Aktualizace zabezpečení systému Windows XP (KB944653)
Aktualizace zabezpečení systému Windows XP (KB945553)
Aktualizace zabezpečení systému Windows XP (KB946026)
Aktualizace zabezpečení systému Windows XP (KB946648)
Aktualizace zabezpečení systému Windows XP (KB950749)
Aktualizace zabezpečení systému Windows XP (KB950762)
Aktualizace zabezpečení systému Windows XP (KB950974)
Aktualizace zabezpečení systému Windows XP (KB951066)
Aktualizace zabezpečení systému Windows XP (KB951376-v2)
Aktualizace zabezpečení systému Windows XP (KB951698)
Aktualizace zabezpečení systému Windows XP (KB951748)
Aktualizace zabezpečení systému Windows XP (KB952004)
Aktualizace zabezpečení systému Windows XP (KB952954)
Aktualizace zabezpečení systému Windows XP (KB953838)
Aktualizace zabezpečení systému Windows XP (KB953839)
Aktualizace zabezpečení systému Windows XP (KB954211)
Aktualizace zabezpečení systému Windows XP (KB954600)
Aktualizace zabezpečení systému Windows XP (KB955069)
Aktualizace zabezpečení systému Windows XP (KB956390)
Aktualizace zabezpečení systému Windows XP (KB956391)
Aktualizace zabezpečení systému Windows XP (KB956572)
Aktualizace zabezpečení systému Windows XP (KB956802)
Aktualizace zabezpečení systému Windows XP (KB956803)
Aktualizace zabezpečení systému Windows XP (KB956841)
Aktualizace zabezpečení systému Windows XP (KB956844)
Aktualizace zabezpečení systému Windows XP (KB957095)
Aktualizace zabezpečení systému Windows XP (KB957097)
Aktualizace zabezpečení systému Windows XP (KB958215)
Aktualizace zabezpečení systému Windows XP (KB958470)
Aktualizace zabezpečení systému Windows XP (KB958644)
Aktualizace zabezpečení systému Windows XP (KB958687)
Aktualizace zabezpečení systému Windows XP (KB958690)
Aktualizace zabezpečení systému Windows XP (KB958869)
Aktualizace zabezpečení systému Windows XP (KB959426)
Aktualizace zabezpečení systému Windows XP (KB960225)
Aktualizace zabezpečení systému Windows XP (KB960714)
Aktualizace zabezpečení systému Windows XP (KB960715)
Aktualizace zabezpečení systému Windows XP (KB960803)
Aktualizace zabezpečení systému Windows XP (KB960859)
Aktualizace zabezpečení systému Windows XP (KB961371)
Aktualizace zabezpečení systému Windows XP (KB961373)
Aktualizace zabezpečení systému Windows XP (KB961501)
Aktualizace zabezpečení systému Windows XP (KB968537)
Aktualizace zabezpečení systému Windows XP (KB969059)
Aktualizace zabezpečení systému Windows XP (KB969898)
Aktualizace zabezpečení systému Windows XP (KB969947)
Aktualizace zabezpečení systému Windows XP (KB970238)
Aktualizace zabezpečení systému Windows XP (KB970430)
Aktualizace zabezpečení systému Windows XP (KB971032)
Aktualizace zabezpečení systému Windows XP (KB971468)
Aktualizace zabezpečení systému Windows XP (KB971486)
Aktualizace zabezpečení systému Windows XP (KB971557)
Aktualizace zabezpečení systému Windows XP (KB971633)
Aktualizace zabezpečení systému Windows XP (KB971657)
Aktualizace zabezpečení systému Windows XP (KB972270)
Aktualizace zabezpečení systému Windows XP (KB973346)
Aktualizace zabezpečení systému Windows XP (KB973354)
Aktualizace zabezpečení systému Windows XP (KB973507)
Aktualizace zabezpečení systému Windows XP (KB973525)
Aktualizace zabezpečení systému Windows XP (KB973869)
Aktualizace zabezpečení systému Windows XP (KB973904)
Aktualizace zabezpečení systému Windows XP (KB974112)
Aktualizace zabezpečení systému Windows XP (KB974318)
Aktualizace zabezpečení systému Windows XP (KB974392)
Aktualizace zabezpečení systému Windows XP (KB974571)
Aktualizace zabezpečení systému Windows XP (KB975025)
Aktualizace zabezpečení systému Windows XP (KB975467)
Aktualizace zabezpečení systému Windows XP (KB975560)
Aktualizace zabezpečení systému Windows XP (KB975561)
Aktualizace zabezpečení systému Windows XP (KB975562)
Aktualizace zabezpečení systému Windows XP (KB975713)
Aktualizace zabezpečení systému Windows XP (KB977165)
Aktualizace zabezpečení systému Windows XP (KB977816)
Aktualizace zabezpečení systému Windows XP (KB977914)
Aktualizace zabezpečení systému Windows XP (KB978037)
Aktualizace zabezpečení systému Windows XP (KB978251)
Aktualizace zabezpečení systému Windows XP (KB978262)
Aktualizace zabezpečení systému Windows XP (KB978338)
Aktualizace zabezpečení systému Windows XP (KB978542)
Aktualizace zabezpečení systému Windows XP (KB978601)
Aktualizace zabezpečení systému Windows XP (KB978706)
Aktualizace zabezpečení systému Windows XP (KB979309)
Aktualizace zabezpečení systému Windows XP (KB979482)
Aktualizace zabezpečení systému Windows XP (KB979559)
Aktualizace zabezpečení systému Windows XP (KB979683)
Aktualizace zabezpečení systému Windows XP (KB980195)
Aktualizace zabezpečení systému Windows XP (KB980218)
Aktualizace zabezpečení systému Windows XP (KB980232)
ATF
avast! Free Antivirus
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Call of Duty Modern Warfare 2
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.1 Patch
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) 2
Call of Duty(R) 4 - Modern Warfare(TM)
Canon MP Navigator EX 1.0
Canon MP520 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CCleaner (remove only)
CoD 2 čeština 1.1
Codec Pack - All In 1 6.0.3.0
ConvertXtoDVD 3.5.2.137
CyberLink PowerDVD 8
Důležitá aktualizace aplikace Windows Media Player 11 (KB959772)
DVD Decrypter (Remove Only)
EA Download Manager
EAX4 Unified Redist
Far Cry
FIFA 08
Flatout
FlatOut2
Foxit PDF Editor
Foxit Reader
GameSpy Arcade
Google Chrome
Google Update Helper
GTA San Andreas
GTAIII
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
ioCentre
Java(TM) 6 Update 13
Java(TM) 7
Java(TM) SE Development Kit 7
Logitech Gaming Software
Medal of Honor Allied Assault
Media Key
MediaBar 2.0
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Czech) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Czech) 2007
Microsoft Office Groove MUI (Czech) 2007
Microsoft Office InfoPath MUI (Czech) 2007
Microsoft Office OneNote MUI (Czech) 2007
Microsoft Office Outlook MUI (Czech) 2007
Microsoft Office PowerPoint MUI (Czech) 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Czech) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Czech) 2007
Microsoft Office Shared MUI (Czech) 2007
Microsoft Office Word MUI (Czech) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (Czech) 12
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 9.0.1 (x86 cs)
MSVC80_x86
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MV2Player (remove only)
Need for Speed™ Carbon
Nero 7 Ultra Edition
neroxml
NetBeans IDE 7.0.1
NHL® 08
NHL® 09
NHL07
NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up
Nokia Connectivity Cable Driver
NVIDIA Drivers
Opera 11.52
Oprava hotfix aplikace Windows Media Player 11 (KB939683)
Oprava Hotfix systému Windows XP (KB935448)
Oprava Hotfix systému Windows XP (KB952287)
Oprava Hotfix systému Windows XP (KB961118)
Oprava Hotfix systému Windows XP (KB970653-v3)
Oprava Hotfix systému Windows XP (KB976098-v2)
Oprava Hotfix systému Windows XP (KB979306)
Oprava Hotfix systému Windows XP (KB981793)
Oprava Hotfix systému Windows XP číslo KB873339
Oprava Hotfix systému Windows XP číslo KB885835
Oprava Hotfix systému Windows XP číslo KB885836
Oprava Hotfix systému Windows XP číslo KB886185
Oprava Hotfix systému Windows XP číslo KB887472
Oprava Hotfix systému Windows XP číslo KB888302
Oprava Hotfix systému Windows XP číslo KB890859
Oprava Hotfix systému Windows XP číslo KB891781
PC Connectivity Solution
PhotoFiltre
PIXMA Extended Survey Program
PowerISO
PSPad editor
PunkBuster Services
QIP 2005 8095
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Registrace uživatele zařízení Canon MP520 series
ScanSoft OmniPage SE 4
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.5
swMSM
Ultra QuickTime Converter 3.2.0220
UnderCoverXP 1.16
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VCRedistSetup
Vista Codec Package
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8 Beta 2
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
WinRAR
XML Paper Specification Shared Components Pack 1.0
Zoner Photo Studio 12
.
==== End Of File ===========================
... One learns from mistakes ...

pips13
Visitor
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

Re: MBR: \\.\PHYSICALDRIVE0 please help

#11 Post by pips13 »

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 2)
Number of processors #2
==============================================
>SSDT State
==============================================
ntkrnlpa.exe-->NtAddBootEntry, Type: Address change 0x80614900-->B6237FC4 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtAllocateVirtualMemory, Type: Address change 0x805A7590-->B629C510 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntkrnlpa.exe-->NtClose, Type: Address change 0x805BAF74-->B625B6A9 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateEvent, Type: Address change 0x8060CE66-->B623A456 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateEventPair, Type: Address change 0x80615184-->B623A4AE [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateIoCompletion, Type: Address change 0x8057675C-->B623A5C4 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateKey, Type: Address change 0x80622142-->B625B05D [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateMutant, Type: Address change 0x8061557C-->B623A3AC [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateSection, Type: Address change 0x805A9E9E-->B623A4FE [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateSemaphore, Type: Address change 0x80612F2C-->B623A400 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtCreateTimer, Type: Address change 0x80614E4C-->B623A572 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtDeleteBootEntry, Type: Address change 0x80614E3E-->B6237FE8 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtDeleteKey, Type: Address change 0x806225DE-->B625BD6F [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtDeleteValueKey, Type: Address change 0x806227AE-->B625C025 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtDuplicateObject, Type: Address change 0x805BC950-->B623A848 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtEnumerateKey, Type: Address change 0x8062298E-->B625BBDA [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtEnumerateValueKey, Type: Address change 0x80622BF8-->B625BA45 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtFreeVirtualMemory, Type: Address change 0x805B19F6-->B629C5C0 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntkrnlpa.exe-->NtLoadDriver, Type: Address change 0x80582EA6-->B6237DB2 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtModifyBootEntry, Type: Address change 0x80614E3E-->B623800C [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtNotifyChangeKey, Type: Address change 0x80623E64-->B623A9BC [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtNotifyChangeMultipleKeys, Type: Address change 0x80622F64-->B6238AA4 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenEvent, Type: Address change 0x8060CF66-->B623A486 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenEventPair, Type: Address change 0x8061525C-->B623A4D6 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenIoCompletion, Type: Address change 0x80576834-->B623A5EE [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenKey, Type: Address change 0x806234E4-->B625B3B9 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenMutant, Type: Address change 0x80615654-->B623A3D8 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenProcess, Type: Address change 0x805C9D0E-->B623A680 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenSection, Type: Address change 0x805A8EC2-->B623A53E [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenSemaphore, Type: Address change 0x80613026-->B623A42E [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenThread, Type: Address change 0x805C9F9A-->B623A764 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtOpenTimer, Type: Address change 0x80614F6E-->B623A59C [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtProtectVirtualMemory, Type: Address change 0x805B6E62-->B629C658 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntkrnlpa.exe-->NtQueryKey, Type: Address change 0x80623824-->B625B8C0 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtQueryObject, Type: Address change 0x805C2DC8-->B623896A [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtQueryValueKey, Type: Address change 0x806201E8-->B625B712 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtRenameKey, Type: Address change 0x80621B68-->B62A49E6 [C:\WINDOWS\System32\Drivers\aswSP.SYS]
ntkrnlpa.exe-->NtRestoreKey, Type: Address change 0x80620536-->B625A6D0 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtSetBootEntryOrder, Type: Address change 0x80614900-->B6238030 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtSetBootOptions, Type: Address change 0x80614900-->B6238054 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtSetSystemInformation, Type: Address change 0x8060DC1E-->B6237E0C [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtSetSystemPowerState, Type: Address change 0x80650E26-->B6237F48 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtSetValueKey, Type: Address change 0x806207EE-->B625BE76 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtShutdownSystem, Type: Address change 0x80610E6E-->B6237F24 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtSystemDebugControl, Type: Address change 0x80615F98-->B6237F6C [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
ntkrnlpa.exe-->NtVdmControl, Type: Address change 0x805F9AEE-->B6238078 [C:\WINDOWS\System32\Drivers\aswSnx.SYS]
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x89E41660 [4] System
0x88F19DA0 [188] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation, GrooveMonitor Utility)
0x88F87990 [504] C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x89A016D8 [760] C:\WINDOWS\system32\smss.exe (Microsoft Corporation, Správce relací systému Windows NT)
0x899541E0 [816] C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x899B91E8 [856] C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, Windows NT Logon Application)
0x898F2DA0 [900] C:\WINDOWS\system32\services.exe (Microsoft Corporation, Services and Controller app)
0x89A3F2E8 [912] C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, LSA Shell (Export Version))
0x88F245B0 [960] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x88E959B8 [984] C:\Program Files\Canon\IJPLM\ijplmsvc.exe (-, PIXMA Extended Servey Program Service)
0x89918940 [1080] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x89975678 [1148] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x88F66BC0 [1200] C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation, Run a DLL as an App)
0x8997C680 [1244] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8994CDA0 [1284] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x88E36B98 [1296] C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation, Windows Update)
0x89997D80 [1340] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x88E9CB98 [1348] C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation, Java(TM) Quick Starter Service)
0x89A94DA0 [1444] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x88ED1DA0 [1484] C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc., OCR Aware)
0x88F0C430 [1500] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp., Realtek HD Audio Control Panel)
0x88D563B0 [1504] C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink, brs)
0x88E94DA0 [1512] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp., PowerDVD RC Service)
0x89BD3208 [1656] C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software, avast! Service)
0x89AC7020 [1824] C:\WINDOWS\explorer.exe (Microsoft Corporation, Průzkumník Windows)
0x88F12DA0 [1856] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC., Canon My Printer)
0x88D4F9B0 [2060] C:\Genius\ioCentre\gTaskBar.exe (-, ioCentre)
0x88DC3B28 [2072] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software, avast! Antivirus)
0x88DEEB98 [2096] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG, Nero Home)
0x88EB7B98 [2108] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation, CTF Loader)
0x88E86020 [2176] C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, NVIDIA Driver Helper Service, Version 91.31)
0x88D514A8 [2232] C:\WINDOWS\system32\PnkBstrA.exe
0x89943B28 [2240] C:\Program Files\Media Key\MagicKey.exe
0x88F20020 [2252] C:\Genius\ioCentre\gMouseTask.exe (-, ioCentre)
0x88D693B8 [2272] C:\Genius\ioCentre\gKbdTask.exe (-, ioCentre)
0x899E5DA0 [2284] C:\Genius\ioCentre\gAutoPan.exe (-, ioCentre)
0x899E5B20 [2312] C:\Genius\ioCentre\gAutoScroll.exe (-, ioCentre)
0x88E75990 [2336] C:\Genius\ioCentre\gZoom.exe (-, ioCentre)
0x89B64990 [2356] C:\Genius\ioCentre\gMGlass.exe (-, ioCentre)
0x88DEE020 [2384] C:\Genius\ioCentre\gIMMgm.exe (-, ioCentre)
0x88D52408 [2396] C:\Genius\ioCentre\gDeskMgm.exe (-, ioCentre)
0x88EB93B8 [2412] C:\Genius\ioCentre\gTaskSwitch.exe (-, ioCentre)
0x88AC1DA0 [2460] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation, Firefox)
0x88DB2348 [2540] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x87A46DA0 [2652] C:\DOCUME~1\pc\LOCALS~1\Temp\Rar$EX00.250\RKUnhookerLE.EXE (UG North, RKULE, SR2 Overlord)
0x88F16DA0 [2656] C:\Program Files\Media Key\OSD.exe (WayTech Development, Inc., OSD)
0x88DC1340 [3208] C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG, Nero Home)
0x88EB3020 [3500] C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG, Nero Home)
0x88F55DA0 [3524] C:\WINDOWS\system32\alg.exe (Microsoft Corporation, Application Layer Gateway Service)
0x87B00618 [3708] C:\Program Files\WinRAR\WinRAR.exe
0x88D3F238 [3892] C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation, Plugin Container for Firefox)
==============================================
>Drivers
==============================================
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 4530176 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 91.31 )
0xB656B000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 4435968 bytes (Realtek Semiconductor Corp., Realtek(r) High Definition Audio Function Driver)
0xB9046000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 3928064 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.31 )
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2142208 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2142208 bytes
0x804D7000 RAW 2142208 bytes
0x804D7000 WMIxWDM 2142208 bytes
0xBF800000 Win32k 1851392 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xB9EA7000 PCI_PNP2546 1048576 bytes
0xB9EA7000 sptd 1048576 bytes
0xB9EA7000 spyc.sys 1048576 bytes
0xB9CF8000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xB6305000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 454656 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xB6225000 C:\WINDOWS\System32\Drivers\aswSnx.SYS 446464 bytes (AVAST Software, avast! Virtualization Driver)
0xB8EB6000 C:\WINDOWS\system32\DRIVERS\update.sys 364544 bytes (Microsoft Corporation, Update Driver)
0xB6496000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 360448 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB3C3B000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xB6292000 C:\WINDOWS\System32\Drivers\aswSP.SYS 307200 bytes (AVAST Software, avast! self protection module)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xB372D000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xB8F68000 C:\WINDOWS\System32\Drivers\aols812t.SYS 225280 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xB8F0F000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 200704 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xB9E61000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xB9CCB000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xB3DFB000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 180224 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xB6388000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB3DAA000 C:\WINDOWS\system32\DRIVERS\atksgt.sys 167936 bytes
0xB6425000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xB9DF9000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xB900D000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 151552 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xAC234000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 143360 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xB8F9F000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xB8FD6000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 143360 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xB6403000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xB6549000 C:\WINDOWS\system32\drivers\portcls.sys 139264 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xB644D000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 135168 bytes (Microsoft Corporation, IP Network Address Translator)
0x806E2000 ACPI_HAL 134400 bytes
0x806E2000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xB9DC1000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xB9E1F000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xB394E000 C:\Program Files\CyberLink\PowerDVD8\000.fcl 118784 bytes (Cyberlink Corp., FCL Driver)
0xB9C9C000 prohlp02.sys 118784 bytes (Protection Technology, StarForce Protection Helper Driver)
0xB9C81000 Mup.sys 110592 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xB52EA000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 106496 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xB9DE1000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xB6145000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xB9E8F000 C:\WINDOWS\System32\Drivers\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xB9D98000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB8F51000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB3F65000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xB8FC2000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xB6374000 C:\WINDOWS\System32\drivers\prodrv06.sys 81920 bytes (Protection Technology, StarForce Protection Environment Driver)
0xB8FF9000 C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 81920 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xB9032000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xB64EE000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xB9D85000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xB9CB9000 sfdrv01.sys 73728 bytes (Protection Technology (StarForce), FrontLine Environment Driver)
0xB9E3E000 sfsync04.sys 73728 bytes (Protection Technology (StarForce), FrontLine Synchronization Driver)
0xB9DAF000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xB9E50000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xB8F40000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xBA168000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xBA248000 C:\WINDOWS\system32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xBA308000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBA288000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xB40A2000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xBA318000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBA278000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 53248 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xBA0E8000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xBA258000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xBA298000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xB9475000 C:\WINDOWS\System32\Drivers\SCDEmu.SYS 53248 bytes (PowerISO Computing, Inc., PowerISO Virtual Drive)
0xBA0C8000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xBA2B8000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xBA2E8000 C:\WINDOWS\system32\drivers\WmXlCore.sys 49152 bytes (Logitech Inc., Logitech WingMan Translation Driver)
0xB3D0A000 C:\DOCUME~1\pc\LOCALS~1\Temp\aswMBR.sys 45056 bytes
0xBA118000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 45056 bytes (AVAST Software, avast! TDI Filter Driver)
0xBA268000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xBA0B8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xBA2A8000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xBA148000 C:\WINDOWS\System32\Drivers\gHidPnp.Sys 40960 bytes (-, Extended function Driver)
0xBA228000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 40960 bytes (Microsoft Corporation, Processor Device Driver)
0xBA2F8000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xB3BD3000 C:\WINDOWS\system32\DRIVERS\secdrv.sys 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xBA2D8000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xA9869000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xBA0D8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xB9465000 C:\WINDOWS\System32\Drivers\Fips.SYS 36864 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xBA158000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xBA0A8000 isapnp.sys 36864 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xBA2C8000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xB9485000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xB9495000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xBA3F0000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xBA340000 sfhlp02.sys 32768 bytes (Protection Technology (StarForce), FrontLine Helper Driver)
0xBA3F8000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 28672 bytes (AVAST Software, avast! TDI RDR Driver)
0xBA3D8000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xBA328000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xBA470000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 28672 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xBA498000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xBA410000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xBA478000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xBA3A0000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xBA338000 sfsync02.sys 24576 bytes (Protection Technology, StarForce Protection Synchronization Driver)
0xBA3E0000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xBA4A0000 C:\WINDOWS\system32\drivers\WmFilter.sys 24576 bytes (Logitech Inc., Logitech WingMan Hid Filter Driver)
0xBA418000 C:\WINDOWS\system32\DRIVERS\lirsgt.sys 20480 bytes
0xBA3E8000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xBA390000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xBA398000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xBA388000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xBA468000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20480 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xBA4A8000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xBA490000 C:\WINDOWS\system32\drivers\WmHidLo.sys 20480 bytes (Logitech Inc., Logitech WingMan Hid Lower Filter Driver)
0xB9783000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xB5574000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xB9C49000 C:\WINDOWS\system32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xB63D3000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xB621D000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xB62DD000 C:\WINDOWS\system32\DRIVERS\gMouUsb.sys 12288 bytes (-, WDM NULL filter driver)
0xB62E9000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xB9C45000 C:\WINDOWS\System32\Drivers\kbfilter.SYS 12288 bytes (WayTech Development, Inc., Keyboard filter driver)
0xB6492000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xB97A3000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xB9C59000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xB97A7000 C:\WINDOWS\System32\Drivers\UsbFltr.SYS 12288 bytes (Waytech Development, Inc., Ortek USB Keypad Driver)
0xBA54C000 C:\WINDOWS\system32\drivers\WmBEnum.sys 12288 bytes (Logitech Inc., Logitech WingMan Virtual Bus Enumerator Driver )
0xBA604000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xBA5AC000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xBA5C6000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xBA602000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xBA608000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xBA644000 C:\WINDOWS\System32\Drivers\ParVdm.SYS 8192 bytes (Microsoft Corporation, VDM Parallel Driver)
0xBA5B0000 prosync1.sys 8192 bytes (Protection Technology, StarForce Protection Synchronization Driver)
0xBA60A000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xBA5AE000 sfhlp01.sys 8192 bytes (Protection Technology, StarForce Protection Helper Driver)
0xBA5F6000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xBA600000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xBA5AA000 C:\WINDOWS\System32\Drivers\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xBA706000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xBA7E0000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xBA773000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xBA7DA000 C:\WINDOWS\system32\SVKP.sys 4096 bytes (AntiCracking, SVKP driver for NT)
0x898F41D8 unknown_irp_handler 3624 bytes
0x89E531F8 unknown_irp_handler 3592 bytes
0x89E541F8 unknown_irp_handler 3592 bytes
0x8997B1F8 unknown_irp_handler 3592 bytes
0x89DE51F8 unknown_irp_handler 3592 bytes
0x89C421F8 unknown_irp_handler 3592 bytes
0x89E551F8 unknown_irp_handler 3592 bytes
0x893871F8 unknown_irp_handler 3592 bytes
0x89C0B1F8 unknown_irp_handler 3592 bytes
0x8937D1F8 unknown_irp_handler 3592 bytes
0x89A91420 unknown_irp_handler 3040 bytes
0xE1CF1420 unknown_irp_handler 3040 bytes
0x89B92500 unknown_irp_handler 2816 bytes
0x89B8C500 unknown_irp_handler 2816 bytes
0x89AC6500 unknown_irp_handler 2816 bytes
0xE15A0980 unknown_irp_handler 1664 bytes
==============================================
>Stealth
==============================================
WARNING: File locked for read access [C:\WINDOWS\system32\drivers\sptd.sys]
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
atapi.sys+0x000067B4, Type: Inline - RelativeJump 0xB9DE77B4-->B3D0E678 [aswMBR.sys]
ntkrnlpa.exe+0x0002CA44, Type: Inline - RelativeJump 0x80503A44-->805039EF [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002CD48, Type: Inline - RelativeJump 0x80503D48-->80503D0C [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002CD68, Type: Inline - RelativeJump 0x80503D68-->80503D92 [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002CD9C, Type: Inline - RelativeJump 0x80503D9C-->80503D22 [ntkrnlpa.exe]
ntkrnlpa.exe+0x0006DF0E, Type: Inline - RelativeJump 0x80544F0E-->80544F15 [ntkrnlpa.exe]
ntkrnlpa.exe-->NtCreateProcessEx, Type: Inline - RelativeJump 0x805CFA2E-->B62B07A6 [aswSP.SYS]
ntkrnlpa.exe-->ObInsertObject, Type: Inline - RelativeJump 0x805C18D0-->B62AF15C [aswSP.SYS]
ntkrnlpa.exe-->ObMakeTemporaryObject, Type: Inline - RelativeJump 0x805BAF9A-->B62AD69C [aswSP.SYS]
[1080]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[1080]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[1080]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1080]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1080]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1080]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1080]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[1080]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[1080]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[1080]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[1080]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[1148]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[1148]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1148]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1148]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1148]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1148]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[1148]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[1148]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[1148]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[1148]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00300C0C [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00300E10 [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00300804 [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00300A08 [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003001F8 [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003003FC [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00300600 [unknown_code_page]
[1200]rundll32.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00301014 [unknown_code_page]
[1200]rundll32.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1200]rundll32.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1200]rundll32.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1200]rundll32.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1200]rundll32.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->002F0600 [unknown_code_page]
[1200]rundll32.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->002F0804 [unknown_code_page]
[1200]rundll32.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->002F01F8 [unknown_code_page]
[1200]rundll32.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->002F0A08 [unknown_code_page]
[1200]rundll32.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->002F03FC [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[1244]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[1244]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1244]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1244]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1244]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1244]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[1244]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[1244]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[1244]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[1244]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[1284]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[1284]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1284]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1284]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1284]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1284]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[1284]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[1284]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[1284]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[1284]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00370C0C [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00370E10 [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00370804 [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00370A08 [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003701F8 [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003703FC [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00370600 [unknown_code_page]
[1296]wuauclt.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00371014 [unknown_code_page]
[1296]wuauclt.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1296]wuauclt.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1296]wuauclt.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000A01F8 [unknown_code_page]
[1296]wuauclt.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000A03FC [unknown_code_page]
[1296]wuauclt.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00380600 [unknown_code_page]
[1296]wuauclt.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00380804 [unknown_code_page]
[1296]wuauclt.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003801F8 [unknown_code_page]
[1296]wuauclt.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00380A08 [unknown_code_page]
[1296]wuauclt.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003803FC [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00300C0C [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00300E10 [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00300804 [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00300A08 [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003001F8 [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003003FC [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00300600 [unknown_code_page]
[1340]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00301014 [unknown_code_page]
[1340]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1340]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1340]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1340]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1340]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00310600 [unknown_code_page]
[1340]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00310804 [unknown_code_page]
[1340]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003101F8 [unknown_code_page]
[1340]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00310A08 [unknown_code_page]
[1340]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003103FC [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[1348]jqs.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[1348]jqs.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1348]jqs.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1348]jqs.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[1348]jqs.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[1348]jqs.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->006F0600 [unknown_code_page]
[1348]jqs.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->006F0804 [unknown_code_page]
[1348]jqs.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->006F01F8 [unknown_code_page]
[1348]jqs.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->006F0A08 [unknown_code_page]
[1348]jqs.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->006F03FC [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[1444]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[1444]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1444]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1444]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1444]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1444]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[1444]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[1444]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[1444]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[1444]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[1484]OpWareSE4.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[1484]OpWareSE4.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1484]OpWareSE4.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1484]OpWareSE4.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[1484]OpWareSE4.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[1484]OpWareSE4.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[1484]OpWareSE4.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[1484]OpWareSE4.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[1484]OpWareSE4.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[1484]OpWareSE4.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[1500]RTHDCPL.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[1500]RTHDCPL.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1500]RTHDCPL.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1500]RTHDCPL.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[1500]RTHDCPL.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[1500]RTHDCPL.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003C0600 [unknown_code_page]
[1500]RTHDCPL.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003C0804 [unknown_code_page]
[1500]RTHDCPL.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003C01F8 [unknown_code_page]
[1500]RTHDCPL.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003C0A08 [unknown_code_page]
[1500]RTHDCPL.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003C03FC [unknown_code_page]
[1504]brs.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1504]brs.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1504]brs.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[1504]brs.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[1504]brs.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003F0600 [unknown_code_page]
[1504]brs.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003F0804 [unknown_code_page]
[1504]brs.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003F01F8 [unknown_code_page]
[1504]brs.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003F0A08 [unknown_code_page]
[1504]brs.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003F03FC [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[1512]PDVD8Serv.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[1512]PDVD8Serv.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1512]PDVD8Serv.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1512]PDVD8Serv.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[1512]PDVD8Serv.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[1512]PDVD8Serv.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003E0600 [unknown_code_page]
[1512]PDVD8Serv.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003E0804 [unknown_code_page]
[1512]PDVD8Serv.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003E01F8 [unknown_code_page]
[1512]PDVD8Serv.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003E0A08 [unknown_code_page]
[1512]PDVD8Serv.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003E03FC [unknown_code_page]
[1656]AvastSvc.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1656]AvastSvc.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: Inline - PushRet 0x7C8447ED-->EC900004 [unknown_code_page]
[1656]AvastSvc.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: Code Mismatch 0x7C8447ED + 3 [90]
[1656]AvastSvc.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1824]explorer.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00370C0C [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00370E10 [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00370804 [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00370A08 [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003701F8 [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003703FC [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00370600 [unknown_code_page]
[1824]explorer.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00371014 [unknown_code_page]
[1824]explorer.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1824]explorer.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1824]explorer.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[1824]explorer.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[1824]explorer.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00380600 [unknown_code_page]
[1824]explorer.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00380804 [unknown_code_page]
[1824]explorer.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003801F8 [unknown_code_page]
[1824]explorer.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00380A08 [unknown_code_page]
[1824]explorer.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003803FC [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[1856]BJMYPRT.EXE-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[1856]BJMYPRT.EXE-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[1856]BJMYPRT.EXE-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[1856]BJMYPRT.EXE-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[1856]BJMYPRT.EXE-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[1856]BJMYPRT.EXE-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[1856]BJMYPRT.EXE-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[1856]BJMYPRT.EXE-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[1856]BJMYPRT.EXE-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[1856]BJMYPRT.EXE-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00420C0C [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00420E10 [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00420804 [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00420A08 [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->004201F8 [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->004203FC [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00420600 [unknown_code_page]
[188]GrooveMonitor.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00421014 [unknown_code_page]
[188]GrooveMonitor.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[188]GrooveMonitor.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[188]GrooveMonitor.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[188]GrooveMonitor.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[188]GrooveMonitor.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00410600 [unknown_code_page]
[188]GrooveMonitor.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00410804 [unknown_code_page]
[188]GrooveMonitor.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->004101F8 [unknown_code_page]
[188]GrooveMonitor.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00410A08 [unknown_code_page]
[188]GrooveMonitor.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->004103FC [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2060]gTaskBar.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
... One learns from one's mistakes ...

pips13
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

Re: MBR: \\.\PHYSICALDRIVE0 please help

#12 Post by pips13 »

[2060]gTaskBar.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2060]gTaskBar.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2060]gTaskBar.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2060]gTaskBar.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2060]gTaskBar.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2060]gTaskBar.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2060]gTaskBar.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2060]gTaskBar.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2060]gTaskBar.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2060]gTaskBar.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2072]AvastUI.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2072]AvastUI.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2096]NMBgMonitor.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[2096]NMBgMonitor.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[2096]NMBgMonitor.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2096]NMBgMonitor.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2096]NMBgMonitor.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[2096]NMBgMonitor.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[2096]NMBgMonitor.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003C0600 [unknown_code_page]
[2096]NMBgMonitor.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003C0804 [unknown_code_page]
[2096]NMBgMonitor.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003C01F8 [unknown_code_page]
[2096]NMBgMonitor.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003C0A08 [unknown_code_page]
[2096]NMBgMonitor.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003C03FC [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00370C0C [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00370E10 [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00370804 [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00370A08 [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003701F8 [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003703FC [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00370600 [unknown_code_page]
[2108]ctfmon.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00371014 [unknown_code_page]
[2108]ctfmon.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2108]ctfmon.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2108]ctfmon.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000A01F8 [unknown_code_page]
[2108]ctfmon.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000A03FC [unknown_code_page]
[2108]ctfmon.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00380600 [unknown_code_page]
[2108]ctfmon.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00380804 [unknown_code_page]
[2108]ctfmon.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003801F8 [unknown_code_page]
[2108]ctfmon.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00380A08 [unknown_code_page]
[2108]ctfmon.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003803FC [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[2176]nvsvc32.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[2176]nvsvc32.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2176]nvsvc32.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2176]nvsvc32.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001401F8 [unknown_code_page]
[2176]nvsvc32.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001403FC [unknown_code_page]
[2176]nvsvc32.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003C0600 [unknown_code_page]
[2176]nvsvc32.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003C0804 [unknown_code_page]
[2176]nvsvc32.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003C01F8 [unknown_code_page]
[2176]nvsvc32.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003C0A08 [unknown_code_page]
[2176]nvsvc32.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003C03FC [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003C0C0C [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003C0E10 [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003C0804 [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003C0A08 [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003C01F8 [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003C03FC [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003C0600 [unknown_code_page]
[2232]PnkBstrA.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003C1014 [unknown_code_page]
[2232]PnkBstrA.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2232]PnkBstrA.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2232]PnkBstrA.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001401F8 [unknown_code_page]
[2232]PnkBstrA.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001403FC [unknown_code_page]
[2232]PnkBstrA.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2232]PnkBstrA.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2232]PnkBstrA.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2232]PnkBstrA.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2232]PnkBstrA.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003C0C0C [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003C0E10 [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003C0804 [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003C0A08 [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003C01F8 [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003C03FC [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003C0600 [unknown_code_page]
[2240]MagicKey.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003C1014 [unknown_code_page]
[2240]MagicKey.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2240]MagicKey.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2240]MagicKey.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[2240]MagicKey.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[2240]MagicKey.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2240]MagicKey.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2240]MagicKey.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2240]MagicKey.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2240]MagicKey.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2252]gMouseTask.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2252]gMouseTask.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2252]gMouseTask.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2252]gMouseTask.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2252]gMouseTask.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2252]gMouseTask.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2252]gMouseTask.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2252]gMouseTask.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2252]gMouseTask.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2252]gMouseTask.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2272]gKbdTask.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2272]gKbdTask.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2272]gKbdTask.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2272]gKbdTask.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2272]gKbdTask.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2272]gKbdTask.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2272]gKbdTask.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2272]gKbdTask.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2272]gKbdTask.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2272]gKbdTask.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2284]gAutoPan.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2284]gAutoPan.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2284]gAutoPan.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2284]gAutoPan.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2284]gAutoPan.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2284]gAutoPan.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2284]gAutoPan.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2284]gAutoPan.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2284]gAutoPan.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2284]gAutoPan.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2312]gAutoScroll.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2312]gAutoScroll.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2312]gAutoScroll.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2312]gAutoScroll.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2312]gAutoScroll.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2312]gAutoScroll.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2312]gAutoScroll.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2312]gAutoScroll.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2312]gAutoScroll.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2312]gAutoScroll.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2336]gZoom.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2336]gZoom.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2336]gZoom.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2336]gZoom.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2336]gZoom.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2336]gZoom.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2336]gZoom.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2336]gZoom.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2336]gZoom.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2336]gZoom.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2356]gMGlass.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2356]gMGlass.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2356]gMGlass.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2356]gMGlass.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2356]gMGlass.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2356]gMGlass.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2356]gMGlass.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2356]gMGlass.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2356]gMGlass.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2356]gMGlass.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2384]gIMMgm.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2384]gIMMgm.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2384]gIMMgm.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2384]gIMMgm.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2384]gIMMgm.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2384]gIMMgm.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2384]gIMMgm.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2384]gIMMgm.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2384]gIMMgm.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2384]gIMMgm.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2396]gDeskMgm.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2396]gDeskMgm.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2396]gDeskMgm.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2396]gDeskMgm.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2396]gDeskMgm.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2396]gDeskMgm.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2396]gDeskMgm.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2396]gDeskMgm.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2396]gDeskMgm.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2396]gDeskMgm.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003E0C0C [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003E0E10 [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003E0804 [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003E0A08 [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003E01F8 [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003E03FC [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003E0600 [unknown_code_page]
[2412]gTaskSwitch.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003E1014 [unknown_code_page]
[2412]gTaskSwitch.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2412]gTaskSwitch.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2412]gTaskSwitch.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[2412]gTaskSwitch.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2412]gTaskSwitch.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[2412]gTaskSwitch.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[2412]gTaskSwitch.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[2412]gTaskSwitch.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[2412]gTaskSwitch.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->02D90C0C [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->02D90E10 [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->02D90804 [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->02D90A08 [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->02D901F8 [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->02D903FC [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->02D90600 [unknown_code_page]
[2460]firefox.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->02D91014 [unknown_code_page]
[2460]firefox.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2460]firefox.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2460]firefox.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->0131B750 [xul.dll]
[2460]firefox.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[2460]firefox.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00310600 [unknown_code_page]
[2460]firefox.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00310804 [unknown_code_page]
[2460]firefox.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003101F8 [unknown_code_page]
[2460]firefox.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00310A08 [unknown_code_page]
[2460]firefox.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003103FC [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[2540]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[2540]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2540]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2540]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[2540]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[2540]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[2540]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[2540]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[2540]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[2540]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[2656]OSD.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[2656]OSD.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[2656]OSD.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[2656]OSD.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[2656]OSD.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[2656]OSD.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003C0600 [unknown_code_page]
[2656]OSD.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003C0804 [unknown_code_page]
[2656]OSD.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003C01F8 [unknown_code_page]
[2656]OSD.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003C0A08 [unknown_code_page]
[2656]OSD.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003C03FC [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003C0C0C [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003C0E10 [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003C0804 [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003C0A08 [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003C01F8 [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003C03FC [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003C0600 [unknown_code_page]
[3208]NMIndexingService.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003C1014 [unknown_code_page]
[3208]NMIndexingService.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[3208]NMIndexingService.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[3208]NMIndexingService.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001401F8 [unknown_code_page]
[3208]NMIndexingService.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001403FC [unknown_code_page]
[3208]NMIndexingService.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[3208]NMIndexingService.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[3208]NMIndexingService.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[3208]NMIndexingService.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[3208]NMIndexingService.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003C0C0C [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003C0E10 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003C0804 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003C0A08 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003C01F8 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003C03FC [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003C0600 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003C1014 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[3500]NMIndexStoreSvr.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[3500]NMIndexStoreSvr.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003D0600 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003D0804 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003D01F8 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003D0A08 [unknown_code_page]
[3500]NMIndexStoreSvr.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003D03FC [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00300C0C [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00300E10 [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00300804 [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00300A08 [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003001F8 [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003003FC [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00300600 [unknown_code_page]
[3524]alg.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00301014 [unknown_code_page]
[3524]alg.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[3524]alg.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[3524]alg.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[3524]alg.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[3524]alg.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->002F0600 [unknown_code_page]
[3524]alg.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->002F0804 [unknown_code_page]
[3524]alg.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->002F01F8 [unknown_code_page]
[3524]alg.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->002F0A08 [unknown_code_page]
[3524]alg.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->002F03FC [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[3708]WinRAR.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[3708]WinRAR.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[3708]WinRAR.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[3708]WinRAR.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[3708]WinRAR.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[3708]WinRAR.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003E0600 [unknown_code_page]
[3708]WinRAR.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003E0804 [unknown_code_page]
[3708]WinRAR.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003E01F8 [unknown_code_page]
[3708]WinRAR.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003E0A08 [unknown_code_page]
[3708]WinRAR.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003E03FC [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00840C0C [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00840E10 [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00840804 [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00840A08 [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->008401F8 [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->008403FC [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00840600 [unknown_code_page]
[3892]plugin-container.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00841014 [unknown_code_page]
[3892]plugin-container.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[3892]plugin-container.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[3892]plugin-container.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001601F8 [unknown_code_page]
[3892]plugin-container.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001603FC [unknown_code_page]
[3892]plugin-container.exe-->user32.dll-->GetWindowInfo, Type: Inline - RelativeJump 0x7E36E77C-->1046C909 [xul.dll]
[3892]plugin-container.exe-->user32.dll-->SetWindowLongA, Type: Inline - RelativeJump 0x7E36D60D-->106C3A89 [xul.dll]
[3892]plugin-container.exe-->user32.dll-->SetWindowLongW, Type: Inline - RelativeJump 0x7E36D62B-->106C3A1B [xul.dll]
[3892]plugin-container.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00850600 [unknown_code_page]
[3892]plugin-container.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00850804 [unknown_code_page]
[3892]plugin-container.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->008501F8 [unknown_code_page]
[3892]plugin-container.exe-->user32.dll-->TrackPopupMenu, Type: Inline - RelativeJump 0x7E3B50EE-->1046CEBD [xul.dll]
[3892]plugin-container.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00850A08 [unknown_code_page]
[3892]plugin-container.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->008503FC [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[504]spoolsv.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[504]spoolsv.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[504]spoolsv.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[504]spoolsv.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[504]spoolsv.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[504]spoolsv.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[504]spoolsv.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[504]spoolsv.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[504]spoolsv.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[504]spoolsv.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[760]smss.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[816]csrss.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[816]csrss.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[856]winlogon.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[856]winlogon.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[856]winlogon.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[856]winlogon.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[856]winlogon.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000701F8 [unknown_code_page]
[856]winlogon.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000703FC [unknown_code_page]
[856]winlogon.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[856]winlogon.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[856]winlogon.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[856]winlogon.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[856]winlogon.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[900]services.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->00300C0C [unknown_code_page]
[900]services.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->00300E10 [unknown_code_page]
[900]services.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->00300804 [unknown_code_page]
[900]services.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->00300A08 [unknown_code_page]
[900]services.exe-->advapi32.dll-->CreateProcessAsUserW, Type: IAT modification 0x01001094-->00620002 [unknown_code_page]
[900]services.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003001F8 [unknown_code_page]
[900]services.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003003FC [unknown_code_page]
[900]services.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->00300600 [unknown_code_page]
[900]services.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->00301014 [unknown_code_page]
[900]services.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[900]services.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x01001114-->00620000 [unknown_code_page]
[900]services.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[900]services.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[900]services.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[900]services.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00310600 [unknown_code_page]
[900]services.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00310804 [unknown_code_page]
[900]services.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003101F8 [unknown_code_page]
[900]services.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00310A08 [unknown_code_page]
[900]services.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003103FC [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[912]lsass.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[912]lsass.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[912]lsass.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[912]lsass.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[912]lsass.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[912]lsass.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[912]lsass.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[912]lsass.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[912]lsass.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[912]lsass.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->002F0C0C [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->002F0E10 [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->002F0804 [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->002F0A08 [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->002F01F8 [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->002F03FC [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->002F0600 [unknown_code_page]
[960]svchost.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->002F1014 [unknown_code_page]
[960]svchost.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[960]svchost.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[960]svchost.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->000901F8 [unknown_code_page]
[960]svchost.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->000903FC [unknown_code_page]
[960]svchost.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->00300600 [unknown_code_page]
[960]svchost.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->00300804 [unknown_code_page]
[960]svchost.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003001F8 [unknown_code_page]
[960]svchost.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->00300A08 [unknown_code_page]
[960]svchost.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003003FC [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->ChangeServiceConfig2A, Type: Inline - RelativeJump 0x77E26FA9-->003D0C0C [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->ChangeServiceConfig2W, Type: Inline - RelativeJump 0x77E27031-->003D0E10 [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->ChangeServiceConfigA, Type: Inline - RelativeJump 0x77E26D11-->003D0804 [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->ChangeServiceConfigW, Type: Inline - RelativeJump 0x77E26EA9-->003D0A08 [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->CreateServiceA, Type: Inline - RelativeJump 0x77E270B9-->003D01F8 [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->CreateServiceW, Type: Inline - RelativeJump 0x77E27251-->003D03FC [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->DeleteService, Type: Inline - RelativeJump 0x77E27359-->003D0600 [unknown_code_page]
[984]ijplmsvc.exe-->advapi32.dll-->SetServiceObjectSecurity, Type: Inline - RelativeJump 0x77E26C29-->003D1014 [unknown_code_page]
[984]ijplmsvc.exe-->kernel32.dll+0x00067E3C, Type: Code Mismatch 0x7C867E3C + 425532 [62]
[984]ijplmsvc.exe-->ntdll.dll+0x00016AC2, Type: Code Mismatch 0x7C916AC2 + 92866 [62]
[984]ijplmsvc.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C915CBB-->001501F8 [unknown_code_page]
[984]ijplmsvc.exe-->ntdll.dll-->LdrUnloadDll, Type: Inline - RelativeJump 0x7C916C83-->001503FC [unknown_code_page]
[984]ijplmsvc.exe-->user32.dll-->SetWindowsHookExA, Type: Inline - RelativeJump 0x7E3811D1-->003E0600 [unknown_code_page]
[984]ijplmsvc.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x7E37DDB5-->003E0804 [unknown_code_page]
[984]ijplmsvc.exe-->user32.dll-->SetWinEventHook, Type: Inline - RelativeJump 0x7E3817B7-->003E01F8 [unknown_code_page]
[984]ijplmsvc.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x7E36F21E-->003E0A08 [unknown_code_page]
[984]ijplmsvc.exe-->user32.dll-->UnhookWinEvent, Type: Inline - RelativeJump 0x7E38186C-->003E03FC [unknown_code_page]


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)



But just now a warning popped up about some kind of attack; the antivirus popped up and moved it to the chest on its own.
... One learns from mistakes ...

pips13
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

Re: MBR: \\.\PHYSICALDRIVE0 please help

#13 Post by pips13 »

OK, DDS will be here in a minute.

C:/WINDOWS/System32/B23D5E00.exe
Severity: high
Status: Threat win32:Malware-gen
Moved to the chest
... One learns from mistakes ...

pips13
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

Re: MBR: \\.\PHYSICALDRIVE0 please help

#14 Post by pips13 »

DDS (Ver_2011-09-30.01) - NTFS_x86
Internet Explorer: 8.0.6001.18241 BrowserJavaVersion: 10.0.0
Run by pc at 14:29:22 on 2012-01-01
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1278 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Media Key\MagicKey.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\Media Key\OSD.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
uSearch Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
uSearch Page = hxxp://search.qip.ru
uDefault_Page_URL = hxxp://search.qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
uURLSearchHooks: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - <orphaned>
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: {140BD8E3-C167-11D4-B4A3-080000180323} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: BearShare MediaBar: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
TB: BearShare MediaBar: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RGSC] c:\program files\rockstar games\rockstar games social club\RGSCLauncher.exe /silent
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [DrvIcon] c:\program files\vista drive icon\DrvIcon.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [ioCentre] c:\genius\iocentre\gTaskBar.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\pc\nabdka~1\programy\posput~1\vezyob~2.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\mediak~1.lnk - c:\program files\media key\MagicKey.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - http://tbedits.smileycentral.com/one-to ... 2010112710
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {B863453A-26C3-4e1f-A54D-A2CD196348E9} - c:\program files\icqlite\ICQLite.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
TCP: NameServer = 212.96.160.50 212.96.164.158
TCP: Interfaces\{E9A10B1A-3FC9-4987-803D-3A228CB472CD} : DHCPNameServer = 212.96.160.50 212.96.164.158
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc\data aplikací\mozilla\firefox\profiles\nisle19a.default\
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-16 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-9-16 314456]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [2009-12-25 12856]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [2009-12-25 9291]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\cyberlink\powerdvd8\000.fcl [2008-2-1 41456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-9-16 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-9-16 44768]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2008-8-22 2368]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2009-12-25 16384]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2009-12-25 9856]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-8-3 69120]
S2 gupdate;Služba Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-10-18 136176]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-10-25 3584]
S3 cusbohcn;cusbohcn;\??\c:\docume~1\pc\locals~1\temp\cusbohcn.sys --> c:\docume~1\pc\locals~1\temp\cusbohcn.sys [?]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [2009-12-25 17408]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-10-18 136176]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2008-12-25 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2008-12-25 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2008-12-25 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [2008-12-25 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [2008-12-25 83344]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-11-14 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-11-14 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-11-14 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-11-14 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-11-14 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-11-14 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-11-14 109864]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys --> c:\windows\system32\drivers\snp325.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]
.
=============== File Associations ===============
.
ShellExec: PSPad.exe: open=c:\program files\pspad editor\PSPad.exe
.
=============== Created Last 30 ================
.
2012-01-01 12:41:25 -------- d-----w- c:\program files\trend micro
2012-01-01 11:18:25 1409 ----a-w- c:\windows\QTFont.for
2011-12-30 16:11:38 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2011-12-30 16:11:38 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2011-12-30 16:11:38 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2011-12-30 16:11:38 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2011-12-09 13:31:37 -------- d-----w- c:\documents and settings\pc\data aplikací\Broad Intelligence
.
==================== Find3M ====================
.
2011-12-28 13:26:19 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-28 13:25:57 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-22 14:14:06 87608 ----a-w- c:\documents and settings\pc\data aplikací\inst.exe
2011-11-22 14:14:06 47360 ----a-w- c:\documents and settings\pc\data aplikací\pcouffin.sys
2011-11-18 12:49:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 14:34:29,20 ===============
... One learns from mistakes ...

pips13
Visitor
Posts: 24
Registered: 01 Jan 2012 12:28

Re: MBR: \\.\PHYSICALDRIVE0 please help

#15 Post by pips13 »

I still have to keep allowing it to open in avast :-D.

And how do you see it with that virus? Is it still there?
... One learns from mistakes ...
