VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Nelze vytvořit log z RSIT prosím pomoc

https://forum.viry.cz:443/viewtopic.php?t=108079

Stránka 2 z 2

Re: Nelze vytvořit log z RSIT prosím pomoc

Napsal: 03 led 2011 06:36
od Caroprd111
Obrázek Stáhněte Dr. Web CureIt http://www.viry.cz/forum/viewtopic.php?f=29&t=47721
  • Proveďte sken , co najde nechte léčit, smazat
  • Soubor/Uložit výsledky - uložíte jako textový soubor a zkopírujete zde

Re: Nelze vytvořit log z RSIT prosím pomoc

Napsal: 03 led 2011 21:54
od Fugass
SDFix.exe\SDFix\catchme.exe;E:\Auxiliary Files\Disk_G\Content 2\Secure\Viry\SDFix\SDFix.exe;Trojan.Inject.11888;;
SDFix.exe\SDFix\apps\Process.exe;E:\Auxiliary Files\Disk_G\Content 2\Secure\Viry\SDFix\SDFix.exe;Tool.Killproc.3;;
SDFix.exe;E:\Auxiliary Files\Disk_G\Content 2\Secure\Viry\SDFix;V archivu jsou infikované objekty;Přesunut.;
VirtumundoBeGone.exe\___;E:\Auxiliary Files\Disk_G\Content 2\Secure\Viry\Virtumonde\VirtumundoBeGone.exe;Tool.Killproc.3;;
VirtumundoBeGone.exe;E:\Auxiliary Files\Disk_G\Content 2\Secure\Viry\Virtumonde;Kontejner obsahuje nakažené objekty ;Přesunut.;
OBDTester-v2008.exe;E:\Kia;Pravděpodobně Trojan.Packed.Based;Nevyléčitelný.Smazán.;
OBDTester-v2008.exe;E:\Kia\AutoDiag;Pravděpodobně Trojan.Packed.Based;Nevyléčitelný.Smazán.;
Ford Sound 2000 Series Code Decrypter 2.00.exe;J:\Torrent download\ALL Car Radio CalculatorS;BackDoor.Siggen.14237;Nevyléčitelný.Přesunut.;
Ccr600 CAR400 MK1.exe;J:\Torrent download\ALL Car Radio CalculatorS\Philips Ccr600 CAR400 MK1;Trojan.DownLoader.44952;Smazán.;

Re: Nelze vytvořit log z RSIT prosím pomoc

Napsal: 03 led 2011 21:57
od Caroprd111
Obrázek Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek Start > Spustit (Win + R)
  • Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t
  • Klikněte na OK
  • Vytvoří se log s názvem mbr.log, vložte ho sem.


Obrázek Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

Re: Nelze vytvořit log z RSIT prosím pomoc

Napsal: 04 led 2011 00:38
od Fugass
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3120026AS rev.3.18 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E1397] -> \Device\Harddisk0\DR0[0x81F4BAB8]
3 CLASSPNP[0xF8598FD7] -> nt!IofCallDriver[0x804E1397] -> \Device\00000056[0x81F4F9E8]
5 ACPI[0xF84EF620] -> nt!IofCallDriver[0x804E1397] -> \Device\Ide\IdeDeviceP2T0L0-e[0x81F74D98]
kernel: MBR read successfully
user & kernel MBR OK


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-04 00:34:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e ST3120026AS rev.3.18
Running: gmer.exe; Driver: C:\DOCUME~1\Fugass\LOCALS~1\Temp\pxrdypow.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAllocateVirtualMemory [0xF330C394]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwAssignProcessToJobObject [0xF330BDDE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xF596071E]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwConnectPort [0xF330BE26]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateFile [0xF330BEDE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xF59605D6]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcess [0xF330CB70]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateProcessEx [0xF330CBFC]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateSection [0xF330BF5E]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwCreateThread [0xF330CC8C]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDebugActiveProcess [0xF330BFAE]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDeleteFile [0xF330BFF6]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDeleteKey [0xF330C03E]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDeleteValueKey [0xF330C086]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwDuplicateObject [0xF330C0D0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xF5959884]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwFsControlFile [0xF330C11A]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwLoadDriver [0xF330C164]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwMapViewOfSection [0xF330C1DA]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenFile [0xF330C222]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenKey [0xF330C272]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xF59600E6]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenSection [0xF330C2BA]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwOpenThread [0xF330C302]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwProtectVirtualMemory [0xF330C3E2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xF59607F6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xF5960CAA]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwRequestWaitReplyPort [0xF330C34A]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwRestoreKey [0xF330C42A]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwResumeThread [0xF330C478]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSecureConnectPort [0xF330C564]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetInformationFile [0xF330C4C0]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetSecurityObject [0xF330C610]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSetValueKey [0xF330C510]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSuspendProcess [0xF330C65A]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwSystemDebugControl [0xF330C6A2]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwTerminateProcess [0xF330C6EA]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwWriteFile [0xF330C738]
SSDT \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools App Monitor Driver/PC Tools) ZwWriteVirtualMemory [0xF330C780]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xF596D75E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xF596D582]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xF596D6BC]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 133 804E495D 7 Bytes [CB, 30, F3, FC, CB, 30, F3] {RETF ; XOR BL, DH; CLD ; RETF ; XOR BL, DH}
.text ntoskrnl.exe!ZwYieldExecution + 47A 804E4CA4 4 Bytes JMP EFF330C6
PAGE ntoskrnl.exe!ObInsertObject 8056DA64 5 Bytes JMP F596ABB8 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!NtCreateSection 8056DB66 7 Bytes JMP F596D586 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ZwCreateProcessEx 8058B7CD 7 Bytes JMP F596D762 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ZwLoadDriver 805A8F96 7 Bytes JMP F596D6C0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ObMakeTemporaryObject 805E6A62 5 Bytes JMP F596911E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\Explorer.EXE[240] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[240] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Documents and Settings\Fugass\Plocha\gmer.exe[252] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Documents and Settings\Fugass\Plocha\gmer.exe[252] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\rundll32.exe[396] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe[408] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[424] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[516] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PC Tools Firewall Plus\FWService.exe[648] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[988] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1044] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1088] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1124] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0

Re: Nelze vytvořit log z RSIT prosím pomoc

Napsal: 04 led 2011 00:38
od Fugass
C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1340] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[1536] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1652] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1908] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\WINDOWS\System32\alg.exe[2828] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\alg.exe[2828] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\System32\svchost.exe[3608] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\wuauclt.exe[4040] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[1088] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00650002
IAT C:\WINDOWS\system32\services.exe[1088] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00650000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0015832b6111
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0015832b6111 (not active ControlSet)

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 01: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sectors 234441456 (+191): rootkit-like behavior;

---- EOF - GMER 1.0.15 ----

Re: Nelze vytvořit log z RSIT prosím pomoc

Napsal: 04 led 2011 18:17
od Caroprd111
Pokračujte podle návodu http://www.bleepingcomputer.com/combofi ... t-combofix
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz