VIRY.CZ

.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[736] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[736] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[736] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[736] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[736] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[760] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\svchost.exe[828] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[828] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[828] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[828] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[828] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[828] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[828] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[828] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[828] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[828] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[896] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[956] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe[956] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[964] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[964] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[988] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000701F8
.text C:\WINDOWS\system32\winlogon.exe[988] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[988] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000703FC
.text C:\WINDOWS\system32\winlogon.exe[988] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\winlogon.exe[988] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\winlogon.exe[988] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\winlogon.exe[988] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\winlogon.exe[988] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\winlogon.exe[988] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\winlogon.exe[988] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\services.exe[1032] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\services.exe[1032] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[1032] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\services.exe[1032] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\services.exe[1032] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\services.exe[1032] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\services.exe[1032] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\services.exe[1032] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\services.exe[1032] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\services.exe[1032] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\lsass.exe[1044] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\lsass.exe[1044] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[1044] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\lsass.exe[1044] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\lsass.exe[1044] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\lsass.exe[1044] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\lsass.exe[1044] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\lsass.exe[1044] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\lsass.exe[1044] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\lsass.exe[1044] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\igfxtray.exe[1104] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\WINDOWS\system32\igfxtray.exe[1104] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\igfxtray.exe[1104] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\WINDOWS\system32\igfxtray.exe[1104] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\igfxtray.exe[1104] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\WINDOWS\system32\igfxtray.exe[1104] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\WINDOWS\system32\igfxtray.exe[1104] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\igfxtray.exe[1104] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\WINDOWS\system32\igfxtray.exe[1104] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00431014
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00430804
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00430A08
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00430C0C
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00430E10
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 004301F8
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 004303FC
.text C:\WINDOWS\system32\igfxtray.exe[1104] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00430600
.text C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1220] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1220] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1220] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1288] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1288] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1288] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1288] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1288] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1288] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\svchost.exe[1328] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1352] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001401F8
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001403FC
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00651014
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00650804
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00650A08
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00650C0C
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00650E10
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 006501F8
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 006503FC
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00650600
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00660804
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00660A08
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00660600
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 006601F8
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1408] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 006603FC
.text C:\WINDOWS\system32\svchost.exe[1476] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1476] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1476] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1476] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1476] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1476] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1476] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1476] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1476] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1476] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1584] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1584] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1584] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1584] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\svchost.exe[1584] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\svchost.exe[1584] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\svchost.exe[1584] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\svchost.exe[1584] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\svchost.exe[1584] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1584] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe[1984] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\spoolsv.exe[2040] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\spoolsv.exe[2040] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[2040] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\spoolsv.exe[2040] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\spoolsv.exe[2040] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\spoolsv.exe[2040] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\spoolsv.exe[2040] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\spoolsv.exe[2040] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\spoolsv.exe[2040] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\spoolsv.exe[2040] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\igfxsrvc.exe[2052] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2112] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00531014
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00530804
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00530A08
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00530C0C
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00530E10
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 005301F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 005303FC
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00530600
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00540804
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00540A08
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00540600
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 005401F8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2128] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 005403FC
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 009D1014
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 009D0804
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 009D0A08
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 009D0C0C
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 009D0E10
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 009D01F8
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 009D03FC
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 009D0600
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 009E0804
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 009E0A08
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 009E0600
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 009E01F8
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\Rar$EXa0.554\gmer.exe[2452] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 009E03FC
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe[2468] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\WinRAR\WinRAR.exe[2532] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\Program Files\WinRAR\WinRAR.exe[2532] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\Program Files\WinRAR\WinRAR.exe[2532] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\WinRAR\WinRAR.exe[2532] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\WinRAR\WinRAR.exe[2532] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\WinRAR\WinRAR.exe[2532] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\WinRAR\WinRAR.exe[2532] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2556] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\wuauclt.exe[2744] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\wuauclt.exe[2744] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[2744] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\wuauclt.exe[2744] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00381014
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00380C0C
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00380E10
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\wuauclt.exe[2744] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\wuauclt.exe[2744] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\wuauclt.exe[2744] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\wuauclt.exe[2744] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\wuauclt.exe[2744] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\wuauclt.exe[2744] USER32.dll!UnhookWinEvent 7E3818AC 3 Bytes JMP 003903FC
.text C:\WINDOWS\system32\wuauclt.exe[2744] USER32.dll!UnhookWinEvent + 4 7E3818B0 1 Byte [82]
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014

.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00480804
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00480A08
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00480600
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004801F8
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2844] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004803FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000601F8
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000603FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 03F40804
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 03F40A08
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 03F40600
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 03F401F8
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 03F403FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 03F51014
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 03F50804
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 03F50A08
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 03F50C0C
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 03F50E10
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 03F501F8
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 03F503FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[2936] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 03F50600
.text C:\WINDOWS\RTHDCPL.EXE[2948] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\WINDOWS\RTHDCPL.EXE[2948] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[2948] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\WINDOWS\RTHDCPL.EXE[2948] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003D1014
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003D0804
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003D0A08
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003D0E10
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003D01F8
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003D03FC
.text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003D0600
.text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00301014
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00300C0C
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00300E10
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2996] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\igfxpers.exe[3044] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\WINDOWS\system32\igfxpers.exe[3044] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\igfxpers.exe[3044] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\WINDOWS\system32\igfxpers.exe[3044] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\igfxpers.exe[3044] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\igfxpers.exe[3044] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\igfxpers.exe[3044] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\igfxpers.exe[3044] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\igfxpers.exe[3044] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\igfxpers.exe[3044] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003C1014
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003C0804
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003C0A08
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003C0C0C
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003C0E10
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003C01F8
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003C03FC
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003C0600
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\wbem\unsecapp.exe[3072] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\rundll32.exe[3120] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\rundll32.exe[3120] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\rundll32.exe[3120] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\rundll32.exe[3120] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\rundll32.exe[3120] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00300804
.text C:\WINDOWS\system32\rundll32.exe[3120] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00300A08
.text C:\WINDOWS\system32\rundll32.exe[3120] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00300600
.text C:\WINDOWS\system32\rundll32.exe[3120] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003001F8
.text C:\WINDOWS\system32\rundll32.exe[3120] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003003FC
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00311014
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00310804
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00310A08
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00310C0C
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00310E10
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\rundll32.exe[3120] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\hkcmd.exe[3224] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\WINDOWS\system32\hkcmd.exe[3224] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\hkcmd.exe[3224] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\WINDOWS\system32\hkcmd.exe[3224] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\hkcmd.exe[3224] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\WINDOWS\system32\hkcmd.exe[3224] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\WINDOWS\system32\hkcmd.exe[3224] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\WINDOWS\system32\hkcmd.exe[3224] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\WINDOWS\system32\hkcmd.exe[3224] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00431014
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00430804
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00430A08
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00430C0C
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00430E10
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 004301F8
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 004303FC
.text C:\WINDOWS\system32\hkcmd.exe[3224] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00430600
.text C:\WINDOWS\BR040286.exe[3276] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\WINDOWS\BR040286.exe[3276] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\BR040286.exe[3276] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\WINDOWS\BR040286.exe[3276] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\BR040286.exe[3276] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\BR040286.exe[3276] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\BR040286.exe[3276] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\BR040286.exe[3276] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\BR040286.exe[3276] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\WINDOWS\BR040286.exe[3276] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600
.text C:\WINDOWS\Explorer.EXE[3280] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\Explorer.EXE[3280] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[3280] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\Explorer.EXE[3280] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00381014
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00380804
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00380A08
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00380C0C
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00380E10
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003801F8
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003803FC
.text C:\WINDOWS\Explorer.EXE[3280] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00380600
.text C:\WINDOWS\Explorer.EXE[3280] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00390804
.text C:\WINDOWS\Explorer.EXE[3280] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\Explorer.EXE[3280] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00390600
.text C:\WINDOWS\Explorer.EXE[3280] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\Explorer.EXE[3280] USER32.dll!UnhookWinEvent 7E3818AC 3 Bytes JMP 003903FC
.text C:\WINDOWS\Explorer.EXE[3280] USER32.dll!UnhookWinEvent + 4 7E3818B0 1 Byte [82]
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 01381014
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 01380804
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 01380A08
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 01380C0C
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 01380E10
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 013801F8
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 013803FC
.text C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe[3316] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 01380600
.text C:\WINDOWS\System32\alg.exe[3328] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\alg.exe[3328] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[3328] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\alg.exe[3328] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[3328] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00300804
.text C:\WINDOWS\System32\alg.exe[3328] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00300A08
.text C:\WINDOWS\System32\alg.exe[3328] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00300600
.text C:\WINDOWS\System32\alg.exe[3328] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003001F8
.text C:\WINDOWS\System32\alg.exe[3328] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003003FC
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00311014
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00310804
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00310A08
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00310C0C
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00310E10
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003101F8
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003103FC
.text C:\WINDOWS\System32\alg.exe[3328] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00310600
.text C:\WINDOWS\system32\ctfmon.exe[3352] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\ctfmon.exe[3352] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3352] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\ctfmon.exe[3352] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00381014
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00380C0C
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00380E10
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\ctfmon.exe[3352] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\ctfmon.exe[3352] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\ctfmon.exe[3352] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\ctfmon.exe[3352] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\ctfmon.exe[3352] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\ctfmon.exe[3352] USER32.dll!UnhookWinEvent 7E3818AC 3 Bytes JMP 003903FC
.text C:\WINDOWS\system32\ctfmon.exe[3352] USER32.dll!UnhookWinEvent + 4 7E3818B0 1 Byte [82]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00ED1014
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00ED0804
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00ED0A08
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00ED0C0C
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00ED0E10
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 00ED01F8
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 00ED03FC
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[3440] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00ED0600
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\DOCUME~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe[3484] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00440804
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00440A08
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00440600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004401F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3536] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004403FC
.text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[3548] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[3548] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 01B21014
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 01B20804
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 01B20A08
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 01B20C0C
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 01B20E10
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 01B201F8
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 01B203FC
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 01B20600
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 01B30804
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 01B30A08
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 01B30600
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 01B301F8
.text C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe[3616] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 01B303FC
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001501F8
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001503FC
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003E1014
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003E0804
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003E0A08
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003E0C0C
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003E0E10
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003E01F8
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe[3640] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003E0600
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00420804
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00420A08
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00420600
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004201F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004203FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 00431014
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 00430804
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 00430A08
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 00430C0C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 00430E10
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 004301F8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 004303FC
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3916] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 00430600
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[3936] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[3936] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 001601F8
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 001603FC
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 003F1014
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 003F0804
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 003F0A08
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 003F0C0C
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 003F0E10
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 003F01F8
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 003F03FC
.text C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[4008] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 003F0600

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[1032] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00640002
IAT C:\WINDOWS\system32\services.exe[1032] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00640000
IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1972] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6A0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\Alwil Software\Avast5\avastUI.exe[3936] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6A0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e4cd71410
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001e4cd71410 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e4cd71410 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

Ani zde nic není. Poslední pokus je ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Pokud ani ten nenajde nic, zbudou 2 možnosti. Buď je nainstalováno něco, co se nesnáčí se systémem, nebo s jinou aplikací, nebo jde o nespecifikovaný hardwarový problém.

Omlouvám se za delší nečinnost a přikládám log z Combofixu:

ComboFix 12-07-08.02 - Silvuška 09.07.2012 22:31:29.1.2 - x86
Spuštěný z: c:\documents and settings\SilvuÜka\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Utility
c:\program files\Utility\acevm.exe
c:\program files\Utility\DivXInstaller.exe
c:\program files\Utility\DriveSpeed.exe
c:\program files\Utility\DVDRegionFree59.exe
c:\program files\Utility\klcodec301f.exe
c:\program files\Utility\PowerDVD_Trial.exe
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\windows\IsUn0405.exe
c:\windows\msmqinst.log
c:\windows\system\BisonC27.dll
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-09 do 2012-07-09 )))))))))))))))))))))))))))))))
.
.
2012-06-13 18:14 . 2012-05-11 14:44 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2036-02-07 01:58 . 2009-02-19 20:27 1227482 ----a-r- c:\windows\system32\3_VETERANI.scr
2012-06-09 18:12 . 2012-06-09 18:12 1409 ----a-w- c:\windows\QTFont.for
2012-06-09 14:21 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-09 14:21 . 2007-01-08 20:17 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 17:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-18 03:00 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-18 03:00 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-18 03:00 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2009-08-06 17:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 17:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-18 03:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-18 03:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-18 03:00 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2004-08-18 03:00 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-18 03:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2004-08-18 03:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2007-04-18 12:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2007-03-08 15:36 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2004-08-18 03:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2004-08-18 03:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-18 03:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2007-02-28 16:09 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2007-02-28 16:08 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-08-18 03:00 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 12:18 . 2012-04-26 12:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-26 12:18 . 2012-04-26 12:18 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-27 17:45 . 2012-05-09 19:54 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS5\Bridge.exe" [2010-03-09 11989960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"preload"="c:\windows\RUNXMLPL.exe" [2007-04-21 20480]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-07 1015808]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008]
"BisonInst0402"="c:\windows\BR040286.exe" [2007-05-08 53248]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-21 155648]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 188416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-10-26 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
.
c:\documents and settings\Silvuška\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-9-14 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 09:25 208896 ----a-w- c:\acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 20:12 579584 ----a-w- c:\acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-05-28 13:56 342528 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 09:44 475136 ----a-w- c:\acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2007-07-11 12:07 421888 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 20:26 68640 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:HTTPS
"21:TCP"= 21:TCP:FTP
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.2.2011 22:29 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.9.2010 21:18 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.9.2010 21:18 20696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [30.9.2010 21:02 112640]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [4.10.2010 19:59 100480]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9.5.2012 21:54 113120]
S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);c:\windows\system32\drivers\SE2Fbus.sys [25.9.2008 1:50 61600]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [8.1.2011 13:46 11520]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-05 c:\windows\Tasks\AdobeAAMUpdater-1.0-INTROPICTURE-Silvuška.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-10-26 16:06]
.
2012-07-09 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-06-09 12:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Connection Wizard,ShellNext = hxxp://cs.intl.acer.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: lekarnici.cz\www
FF - ProfilePath - c:\documents and settings\Silvuška\Data aplikací\Mozilla\Firefox\Profiles\jt6ac4ys.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-eNMTray.exe - (no file)
HKLM-Run-egui - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
MSConfigStartUp-eLockMonitor - c:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
AddRemove-GridVista - c:\windows\UnInst32.exe
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9b.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-09 22:53
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
eNMTray.exe = ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(136)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\SILVUK~1\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2012-07-09 23:06:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-09 21:06
.
Před spuštěním: Volných bajtů: 78 466 048 000
Po spuštění: Volných bajtů: 79 390 306 304
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 56108E86A17CC7BCB062C38FA219AC8B

Několik položek CF smazal, zbytek logu vypadá čistý. Nastala nějaká změna?

Bohužel, žádná změna

Ještě zkuste reinstalovat ovladače zákl. desky a gr. karty.