dobry den,mam problem s pocitacom,nenabehne mi operacny system,mam iba cistu plochu bez spodnej listy a bez ikon na ploche.V safe mode som urobil log z RSIT
Logfile of random's system information tool 1.07 (written by random/random)
Run by Rinto at 2010-05-22 19:37:01
Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (7%) free of 40 GB
Total RAM: 1535 MB (81% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0744341-96E0-4341-9ED2-8BC36CE0CCD0}]
Trixie.Bho - C:\WINDOWS\system32\mscoree.dll [2008-07-25 282112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-11-17 7700480]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2005-09-13 1668096]
"Outpost Firewall"=C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-12-18 94720]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2006-12-29 335872]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-03-16 319792]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-03-30 2012912]
""= []
"H/PC Connection Agent"=C:\PROGRA~1\MI3AA1~1\wcescomm.exe [2006-11-13 1289000]
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{254b7540-bb21-11dd-927a-000296418788}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - H:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33e57b43-87c4-11dd-a572-806d6172696f}]
shell\AutoRun\command - E:\MioDVD.exe
======List of files/folders created in the last 1 months======
2010-05-22 19:37:02 ----D---- C:\Program Files\trend micro
2010-05-22 19:37:01 ----D---- C:\rsit
2010-05-22 00:26:59 ----D---- C:\WINDOWS\LastGood.Tmp
2010-05-22 00:24:52 ----D---- C:\Documents and Settings\Rinto\Application Data\vlc
2010-05-21 23:43:40 ----D---- C:\Config.Msi
2010-05-21 23:36:24 ----A---- C:\WINDOWS\ntbtlog.txt
2010-05-11 20:55:48 ----DC---- C:\WINDOWS\$NtUninstallKB978542$
2010-04-24 20:58:30 ----D---- C:\Program Files\Mio Technology
2010-04-24 20:57:17 ----D---- C:\Program Files\Microsoft ActiveSync
======List of files/folders modified in the last 1 months======
2010-05-22 19:37:02 ----RD---- C:\Program Files
2010-05-22 19:19:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-22 18:59:40 ----D---- C:\WINDOWS\Temp
2010-05-22 00:30:31 ----D---- C:\WINDOWS\system32
2010-05-22 00:30:14 ----D---- C:\WINDOWS
2010-05-22 00:29:29 ----D---- C:\WINDOWS\system32\config
2010-05-22 00:27:56 ----D---- C:\WINDOWS\system32\wbem
2010-05-22 00:27:54 ----D---- C:\WINDOWS\Registration
2010-05-22 00:27:10 ----D---- C:\Documents and Settings\Rinto\Application Data\uTorrent
2010-05-22 00:25:56 ----D---- C:\Program Files\uTorrent
2010-05-22 00:23:40 ----HD---- C:\WINDOWS\inf
2010-05-22 00:23:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-22 00:23:35 ----D---- C:\Program Files\Outlook Express
2010-05-22 00:18:04 ----SHD---- C:\WINDOWS\Installer
2010-05-22 00:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-05-22 00:15:15 ----D---- C:\WINDOWS\system32\drivers
2010-05-22 00:14:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-05-21 23:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-05-21 23:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-05-21 23:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-05-21 23:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-05-21 23:37:14 ----D---- C:\Documents and Settings
2010-05-21 23:33:33 ----D---- C:\WINDOWS\Prefetch
2010-05-20 23:22:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-20 20:57:56 ----D---- C:\Program Files\MZ Manager 2
2010-05-12 21:36:50 ----D---- C:\WINDOWS\Debug
2010-05-11 20:56:45 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-05-11 20:51:46 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-24 21:02:57 ----SD---- C:\Documents and Settings\Rinto\Application Data\Microsoft
2010-04-24 20:58:49 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-24 20:57:19 ----D---- C:\WINDOWS\Help
2010-04-24 20:57:18 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-24 19:11:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-24 19:07:36 ----A---- C:\WINDOWS\ODBC.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
S1 SandBox;Outpost Firewall Sandbox Driver; \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S1 VFILT;Outpost Firewall Kernel Driver; \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
S2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-10-19 15781]
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
S3 a8ul5bm7;a8ul5bm7; C:\WINDOWS\system32\drivers\a8ul5bm7.sys []
S3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL []
S3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL []
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
S3 BCM43XX;ASUS 802.11 ovládač sieťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys []
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys []
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgNP.sys []
S3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL []
S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
S3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL []
S3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2008-08-20 171152]
S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
S3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
S3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL []
S3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL []
S3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL []
S3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-11-17 3994688]
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL []
S3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL); \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL []
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
S2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-11-17 159811]
S2 OutpostFirewall;Outpost Firewall Service; C:\Program Files\Agnitum\Outpost Firewall\outpost.exe [2006-12-18 94720]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
S2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu-nenabehne windows
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu-nenabehne windows
zdravím 
prosím o chvilku strpení
prosím o chvilku strpení
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu-nenabehne windows
otevřete si Poznámkový blok do kterého napíšete tento text
poté uložte výsledný soubor jako např. uprava.reg (jako typ souboru zvolte při ukládaní Všechny soubory) a dvojitým poklikáním spusťte, případné hlášky o úpravě registru potvrďte
až to budete mít, restartujte pc do normálního režimu a zkontrolujte, zda to normálně nabíhá
pokud ne, proveďte následující proces
spusťte Správce úloh stiskem kláves Ctrl+Alt+Del, na záložce Aplikace klikněte na tlačítko Nová úloha, do okénka které se otevře napište explorer.exe a potvrďte stisknutím klávesy Enter
zkontrolujte zda to naběhlo a nahlašte stav
Kód: Vybrat vše
REGEDIT4
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{254b7540-bb21-11dd-927a-000296418788}]pokud ne, proveďte následující proces
spusťte Správce úloh stiskem kláves Ctrl+Alt+Del, na záložce Aplikace klikněte na tlačítko Nová úloha, do okénka které se otevře napište explorer.exe a potvrďte stisknutím klávesy Enter
zkontrolujte zda to naběhlo a nahlašte stav
Re: Prosim o kontrolu logu-nenabehne windows
tak ikony na ploche mi uz nabehli,ale len na chvilu,dal som otvorit Tento pocitac a dlho dlho bolo prazdne okno,tak som dal restartovat pocitac,vyhodilo mi hlasku ze ukoncuje program na wireless siet od Asusu-Centrer.exe a zmizli zasa vsetky ikony na ploche,a pocitac sa nevypol...
po restarte mi pocitac nabehne normalne aj s ikonami na ploche,ale ked otvorim Tento pocitac tak zasa dlho dlho nacitava,tak dam restartovat a som zase tam kde som bol,stale dokola,pise ze neodpoveda program Center.exe a dam ukoncit teraz,zmiznu ikony z plochy a pocitac sa nevypne
po restarte mi pocitac nabehne normalne aj s ikonami na ploche,ale ked otvorim Tento pocitac tak zasa dlho dlho nacitava,tak dam restartovat a som zase tam kde som bol,stale dokola,pise ze neodpoveda program Center.exe a dam ukoncit teraz,zmiznu ikony z plochy a pocitac sa nevypne
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu-nenabehne windows
tato akce nepomohla, jedeme dál
stáhněte a uložte nejlépe na plochu ComboFix
spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:
může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte
sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace
během skenování může být Vaše pc restartováno, proto nepropadejte panice
upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware
po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem
stáhněte a uložte nejlépe na plochu ComboFix
spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:
může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte
sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace
během skenování může být Vaše pc restartováno, proto nepropadejte panice
upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware
po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem
Re: Prosim o kontrolu logu-nenabehne windows
tu je log z combofixu
ComboFix 10-05-22.01 - Rinto . 05. 2010 22:24:09.1.1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1535.1225 [GMT 2:00]
Running from: c:\documents and settings\Rinto\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100424-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Outpost Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
c:\program files\Agnitum\Outpost Firewall\wl_hook.dll
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\mw2mmgr.inc
c:\documents and settings\All Users\Application Data\mw2mmgr.txt
.
((((((((((((((((((((((((( Files Created from 2010-04-22 to 2010-05-22 )))))))))))))))))))))))))))))))
.
2010-05-22 17:37 . 2010-05-22 17:37 -------- d-----w- c:\program files\trend micro
2010-05-22 17:37 . 2010-05-22 17:37 -------- d-----w- C:\rsit
2010-05-21 22:27 . 2010-05-21 22:27 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-21 22:26 . 2010-05-21 22:26 -------- d-----w- c:\windows\LastGood.Tmp
2010-05-21 22:24 . 2010-05-21 22:25 -------- d-----w- c:\documents and settings\Rinto\Application Data\vlc
2010-05-21 21:37 . 2010-05-21 22:21 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
2010-05-21 21:37 . 2009-07-20 10:57 -------- d-----w- c:\documents and settings\Administrator\IETldCache
2010-05-21 21:37 . 2010-05-21 22:21 -------- d-s---w- c:\documents and settings\Administrator
2010-04-24 18:58 . 2010-04-24 18:58 -------- d-----w- c:\program files\Mio Technology
2010-04-24 18:57 . 2010-05-21 22:18 -------- d-----w- c:\program files\Microsoft ActiveSync
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-22 20:15 . 2009-10-11 13:02 -------- d-----w- c:\documents and settings\Rinto\Application Data\uTorrent
2010-05-21 22:35 . 2008-09-21 09:06 24 ----a-w- c:\windows\system32\DVCStateBkp-{00000003-00000000-00000001-00001102-00000002-80651102}.dat
2010-05-21 22:35 . 2008-09-21 09:06 24 ----a-w- c:\windows\system32\DVCState-{00000003-00000000-00000001-00001102-00000002-80651102}.dat
2010-05-21 22:25 . 2009-10-11 13:06 -------- d-----w- c:\program files\uTorrent
2010-05-20 18:57 . 2008-09-21 11:14 -------- d-----w- c:\program files\MZ Manager 2
2010-05-11 18:56 . 2008-09-21 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-24 18:58 . 2008-09-21 08:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-18 08:36 . 2008-09-21 12:34 -------- d-----w- c:\program files\CCleaner
2010-03-30 17:18 . 2010-02-08 20:51 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\AcrobatUpdater.exe
2010-03-22 17:51 . 2010-03-22 17:51 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-03-22 17:51 . 2010-03-22 17:51 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-03-11 07:17 . 2010-03-22 17:38 64164264 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\NokiaOviSuite2Installer.exe
2010-03-11 07:17 . 2010-02-15 14:13 64164264 ----a-w- c:\documents and settings\Rinto\Application Data\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
2010-03-10 06:15 . 2008-04-14 11:42 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:24 . 2008-04-14 11:42 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-04-14 06:47 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-16 319792]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-03-30 2012912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jet Detection"="c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-28 28672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-17 7700480]
"Outpost Firewall"="c:\program files\Agnitum\Outpost Firewall\outpost.exe" [2006-12-18 94720]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall\feedback.exe" [2006-12-29 335872]
"nwiz"="nwiz.exe" [2006-11-17 1622016]
"NvMediaCenter"="NvMCTray.dll" [2006-11-17 86016]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 VFILT;Outpost Firewall Kernel Driver;c:\program files\Agnitum\Outpost Firewall\Kernel\filtnt.sys [26. 10. 2008 9:32 163328]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21. 9. 2008 12:22 717296]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21. 9. 2008 11:09 114768]
S1 SandBox;Outpost Firewall Sandbox Driver;c:\program files\Agnitum\Outpost Firewall\Kernel\SandBox.sys [26. 10. 2008 9:32 323816]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [16. 12. 2009 17:26 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [16. 12. 2009 17:26 66632]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21. 9. 2008 11:09 20560]
S3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\adblock.dll [26. 10. 2008 9:32 33568]
S3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\arp.dll [26. 10. 2008 9:32 17408]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys --> c:\windows\system32\DRIVERS\CnxEtP.sys [?]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys --> c:\windows\system32\DRIVERS\CnxEtU.sys [?]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNP.sys --> c:\windows\system32\DRIVERS\CnxTgNP.sys [?]
S3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\content.dll [26. 10. 2008 9:32 4896]
S3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\dnscache.dll [26. 10. 2008 9:32 14464]
S3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\ftpfilt.dll [26. 10. 2008 9:32 9248]
S3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\htmlfilt.dll [26. 10. 2008 9:32 11552]
S3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\httpfilt.dll [26. 10. 2008 9:32 13216]
S3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\imapfilt.dll [26. 10. 2008 9:32 7168]
S3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\mailfilt.dll [26. 10. 2008 9:32 14880]
S3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\nntpfilt.dll [26. 10. 2008 9:32 6752]
S3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\pop3filt.dll [26. 10. 2008 9:32 10048]
S3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\protect.dll [26. 10. 2008 9:32 15200]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16. 12. 2009 17:27 12872]
S3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\secret.dll [26. 10. 2008 9:32 12928]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25. 1. 2008 11:12 25088]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zive.sk/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - c:\windows\system32\mscoree.DLL
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMaps_2.3.37.6.cab
FF - ProfilePath - c:\documents and settings\Rinto\Application Data\Mozilla\Firefox\Profiles\j1xkcpeq.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.zive.sk
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: c:\documents and settings\Rinto\Application Data\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-22 22:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(884)
c:\program files\Agnitum\Outpost Firewall\wl_hook.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\documents and settings\Rinto\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\Rinto\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
.
Completion time: 2010-05-22 22:32:26
ComboFix-quarantined-files.txt 2010-05-22 20:32
Pre-Run: 2 946 633 728 bytes free
Post-Run: 2 932 985 856 bytes free
- - End Of File - - AEA2B63EAF1A48188D1B383C46C38FF6
ComboFix 10-05-22.01 - Rinto . 05. 2010 22:24:09.1.1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1535.1225 [GMT 2:00]
Running from: c:\documents and settings\Rinto\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100424-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Outpost Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
c:\program files\Agnitum\Outpost Firewall\wl_hook.dll
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\mw2mmgr.inc
c:\documents and settings\All Users\Application Data\mw2mmgr.txt
.
((((((((((((((((((((((((( Files Created from 2010-04-22 to 2010-05-22 )))))))))))))))))))))))))))))))
.
2010-05-22 17:37 . 2010-05-22 17:37 -------- d-----w- c:\program files\trend micro
2010-05-22 17:37 . 2010-05-22 17:37 -------- d-----w- C:\rsit
2010-05-21 22:27 . 2010-05-21 22:27 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-21 22:26 . 2010-05-21 22:26 -------- d-----w- c:\windows\LastGood.Tmp
2010-05-21 22:24 . 2010-05-21 22:25 -------- d-----w- c:\documents and settings\Rinto\Application Data\vlc
2010-05-21 21:37 . 2010-05-21 22:21 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
2010-05-21 21:37 . 2009-07-20 10:57 -------- d-----w- c:\documents and settings\Administrator\IETldCache
2010-05-21 21:37 . 2010-05-21 22:21 -------- d-s---w- c:\documents and settings\Administrator
2010-04-24 18:58 . 2010-04-24 18:58 -------- d-----w- c:\program files\Mio Technology
2010-04-24 18:57 . 2010-05-21 22:18 -------- d-----w- c:\program files\Microsoft ActiveSync
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-22 20:15 . 2009-10-11 13:02 -------- d-----w- c:\documents and settings\Rinto\Application Data\uTorrent
2010-05-21 22:35 . 2008-09-21 09:06 24 ----a-w- c:\windows\system32\DVCStateBkp-{00000003-00000000-00000001-00001102-00000002-80651102}.dat
2010-05-21 22:35 . 2008-09-21 09:06 24 ----a-w- c:\windows\system32\DVCState-{00000003-00000000-00000001-00001102-00000002-80651102}.dat
2010-05-21 22:25 . 2009-10-11 13:06 -------- d-----w- c:\program files\uTorrent
2010-05-20 18:57 . 2008-09-21 11:14 -------- d-----w- c:\program files\MZ Manager 2
2010-05-11 18:56 . 2008-09-21 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-24 18:58 . 2008-09-21 08:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-18 08:36 . 2008-09-21 12:34 -------- d-----w- c:\program files\CCleaner
2010-03-30 17:18 . 2010-02-08 20:51 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\22179\AcrobatUpdater.exe
2010-03-22 17:51 . 2010-03-22 17:51 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-03-22 17:51 . 2010-03-22 17:51 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-03-11 07:17 . 2010-03-22 17:38 64164264 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\NokiaOviSuite2Installer.exe
2010-03-11 07:17 . 2010-02-15 14:13 64164264 ----a-w- c:\documents and settings\Rinto\Application Data\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
2010-03-10 06:15 . 2008-04-14 11:42 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:24 . 2008-04-14 11:42 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-04-14 06:47 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-16 319792]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-03-30 2012912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jet Detection"="c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-28 28672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-17 7700480]
"Outpost Firewall"="c:\program files\Agnitum\Outpost Firewall\outpost.exe" [2006-12-18 94720]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall\feedback.exe" [2006-12-29 335872]
"nwiz"="nwiz.exe" [2006-11-17 1622016]
"NvMediaCenter"="NvMCTray.dll" [2006-11-17 86016]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 VFILT;Outpost Firewall Kernel Driver;c:\program files\Agnitum\Outpost Firewall\Kernel\filtnt.sys [26. 10. 2008 9:32 163328]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21. 9. 2008 12:22 717296]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21. 9. 2008 11:09 114768]
S1 SandBox;Outpost Firewall Sandbox Driver;c:\program files\Agnitum\Outpost Firewall\Kernel\SandBox.sys [26. 10. 2008 9:32 323816]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [16. 12. 2009 17:26 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [16. 12. 2009 17:26 66632]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21. 9. 2008 11:09 20560]
S3 ADBLOCK.DLL;Outpost Firewall PlugIn (ADBLOCK.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\adblock.dll [26. 10. 2008 9:32 33568]
S3 ARP.DLL;Outpost Firewall PlugIn (ARP.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\arp.dll [26. 10. 2008 9:32 17408]
S3 CnxEtP;Conexant AccessRunner USB ADSL Adapter Filter Driver;c:\windows\system32\DRIVERS\CnxEtP.sys --> c:\windows\system32\DRIVERS\CnxEtP.sys [?]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\DRIVERS\CnxEtU.sys --> c:\windows\system32\DRIVERS\CnxEtU.sys [?]
S3 CnxTgNP;Conexant AccessRunner ADSL WAN PPPoE Adapter Driver;c:\windows\system32\DRIVERS\CnxTgNP.sys --> c:\windows\system32\DRIVERS\CnxTgNP.sys [?]
S3 CONTENT.DLL;Outpost Firewall PlugIn (CONTENT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\content.dll [26. 10. 2008 9:32 4896]
S3 DNSCACHE.DLL;Outpost Firewall PlugIn (DNSCACHE.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\dnscache.dll [26. 10. 2008 9:32 14464]
S3 FTPFILT.DLL;Outpost Firewall PlugIn (FTPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\ftpfilt.dll [26. 10. 2008 9:32 9248]
S3 HTMLFILT.DLL;Outpost Firewall PlugIn (HTMLFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\htmlfilt.dll [26. 10. 2008 9:32 11552]
S3 HTTPFILT.DLL;Outpost Firewall PlugIn (HTTPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\httpfilt.dll [26. 10. 2008 9:32 13216]
S3 IMAPFILT.DLL;Outpost Firewall PlugIn (IMAPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\imapfilt.dll [26. 10. 2008 9:32 7168]
S3 MAILFILT.DLL;Outpost Firewall PlugIn (MAILFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\mailfilt.dll [26. 10. 2008 9:32 14880]
S3 NNTPFILT.DLL;Outpost Firewall PlugIn (NNTPFILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\nntpfilt.dll [26. 10. 2008 9:32 6752]
S3 POP3FILT.DLL;Outpost Firewall PlugIn (POP3FILT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\pop3filt.dll [26. 10. 2008 9:32 10048]
S3 PROTECT.DLL;Outpost Firewall PlugIn (PROTECT.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\protect.dll [26. 10. 2008 9:32 15200]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16. 12. 2009 17:27 12872]
S3 SECRET.DLL;Outpost Firewall PlugIn (SECRET.DLL);c:\program files\Agnitum\Outpost Firewall\Kernel\secret.dll [26. 10. 2008 9:32 12928]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25. 1. 2008 11:12 25088]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zive.sk/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - c:\windows\system32\mscoree.DLL
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMaps_2.3.37.6.cab
FF - ProfilePath - c:\documents and settings\Rinto\Application Data\Mozilla\Firefox\Profiles\j1xkcpeq.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.zive.sk
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: c:\documents and settings\Rinto\Application Data\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-22 22:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(884)
c:\program files\Agnitum\Outpost Firewall\wl_hook.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\documents and settings\Rinto\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\Rinto\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
.
Completion time: 2010-05-22 22:32:26
ComboFix-quarantined-files.txt 2010-05-22 20:32
Pre-Run: 2 946 633 728 bytes free
Post-Run: 2 932 985 856 bytes free
- - End Of File - - AEA2B63EAF1A48188D1B383C46C38FF6
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu-nenabehne windows
stáhněte GMER , rozbalte a spusťte
proběhne sken; po jeho ukončení se zobrazí výsledky
pak klikněte na Save a uložíte tak log; jeho obsah sem vložte
potom dle tohoto návodu absolvujte druhý sken a opět obsah logu sem
proběhne sken; po jeho ukončení se zobrazí výsledky
pak klikněte na Save a uložíte tak log; jeho obsah sem vložte
potom dle tohoto návodu absolvujte druhý sken a opět obsah logu sem
Re: Prosim o kontrolu logu-nenabehne windows
prvy log z gmeru
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-22 23:28:17
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Rinto\LOCALS~1\Temp\awwyrpoc.sys
---- System - GMER 1.0.15 ----
SSDT splb.sys ZwEnumerateKey [0xF74F5CA2]
SSDT splb.sys ZwEnumerateValueKey [0xF74F6030]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwQueryDirectoryFile [0xB7AB02C0]
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 899151F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \Fat 89541500
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-22 23:28:17
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Rinto\LOCALS~1\Temp\awwyrpoc.sys
---- System - GMER 1.0.15 ----
SSDT splb.sys ZwEnumerateKey [0xF74F5CA2]
SSDT splb.sys ZwEnumerateValueKey [0xF74F6030]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwQueryDirectoryFile [0xB7AB02C0]
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 899151F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \Fat 89541500
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu-nenabehne windows
počkám ještě na ten druhý log
Re: Prosim o kontrolu logu-nenabehne windows
prepacte za oneskorenie,tu je druhy log z GMERu prva cast,ma to nejak moc vela znakov
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 22:18:02
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Rinto\LOCALS~1\Temp\awwyrpoc.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwAssignProcessToJobObject [0xB7ACD420]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB7A056B8]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateFile [0xB7ABB410]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB7A05574]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateProcess [0xB7ACAC40]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateProcessEx [0xB7ACB310]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateSection [0xB7ABA6D0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateSymbolicLinkObject [0xB7AC2CF0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.) ZwCreateThread [0xB7C73070]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwDeleteFile [0xB7AC1CC0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwDeleteKey [0xB7AC4180]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB7A05A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB7A0514C]
SSDT spxa.sys ZwEnumerateKey [0xF74F5CA2]
SSDT spxa.sys ZwEnumerateValueKey [0xF74F6030]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwLoadDriver [0xB7AC9680]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwMakeTemporaryObject [0xB7AC2580]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwOpenFile [0xB7ABCCD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB7A0564E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB7A0508C]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwOpenSection [0xB7ABADD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB7A050F0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwProtectVirtualMemory [0xB7ACE2C0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwQueryDirectoryFile [0xB7ABE2C0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwQueryKey [0xB7AC4BD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB7A0576E]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwReplaceKey [0xB7AC65F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB7A0572E]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwSaveKey [0xB7AC7640]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwSaveKeyEx [0xB7AC7D70]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwSetInformationFile [0xB7ABF470]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB7A058AE]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.) ZwTerminateProcess [0xB7C73A20]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwTerminateThread [0xB7ACCC20]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwUnloadDriver [0xB7AC9D90]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwWriteVirtualMemory [0xB7ACDB40]
INT 0x62 ? 89916BF8
INT 0x63 ? 895FFBF8
INT 0x73 ? 895FFBF8
INT 0x82 ? 89916BF8
INT 0xB4 ? 895FFBF8
---- Kernel code sections - GMER 1.0.15 ----
? spxa.sys The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xBA272360, 0x24BBAD, 0xE8000020]
.text USBPORT.SYS!DllUnload BA20F8AC 5 Bytes JMP 895FF1D8
.text ane637ki.SYS BA032386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text ane637ki.SYS BA0323AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text ane637ki.SYS BA0323C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text ane637ki.SYS BA0323C9 1 Byte [2E]
.text ane637ki.SYS BA0323C9 11 Bytes [2E, 00, 00, 00, 5A, 02, 00, ...]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\winlogon.exe[952] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1004D18C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\winlogon.exe[952] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D1B4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 22:18:02
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Rinto\LOCALS~1\Temp\awwyrpoc.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwAssignProcessToJobObject [0xB7ACD420]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB7A056B8]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateFile [0xB7ABB410]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB7A05574]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateProcess [0xB7ACAC40]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateProcessEx [0xB7ACB310]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateSection [0xB7ABA6D0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwCreateSymbolicLinkObject [0xB7AC2CF0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.) ZwCreateThread [0xB7C73070]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwDeleteFile [0xB7AC1CC0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwDeleteKey [0xB7AC4180]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB7A05A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB7A0514C]
SSDT spxa.sys ZwEnumerateKey [0xF74F5CA2]
SSDT spxa.sys ZwEnumerateValueKey [0xF74F6030]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwLoadDriver [0xB7AC9680]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwMakeTemporaryObject [0xB7AC2580]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwOpenFile [0xB7ABCCD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB7A0564E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB7A0508C]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwOpenSection [0xB7ABADD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB7A050F0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwProtectVirtualMemory [0xB7ACE2C0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwQueryDirectoryFile [0xB7ABE2C0]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwQueryKey [0xB7AC4BD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB7A0576E]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwReplaceKey [0xB7AC65F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB7A0572E]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwSaveKey [0xB7AC7640]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwSaveKeyEx [0xB7AC7D70]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwSetInformationFile [0xB7ABF470]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB7A058AE]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.) ZwTerminateProcess [0xB7C73A20]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwTerminateThread [0xB7ACCC20]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwUnloadDriver [0xB7AC9D90]
SSDT \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS (SandBox File System Access Control by Process Manager/Agnitum Ltd.) ZwWriteVirtualMemory [0xB7ACDB40]
INT 0x62 ? 89916BF8
INT 0x63 ? 895FFBF8
INT 0x73 ? 895FFBF8
INT 0x82 ? 89916BF8
INT 0xB4 ? 895FFBF8
---- Kernel code sections - GMER 1.0.15 ----
? spxa.sys The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xBA272360, 0x24BBAD, 0xE8000020]
.text USBPORT.SYS!DllUnload BA20F8AC 5 Bytes JMP 895FF1D8
.text ane637ki.SYS BA032386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text ane637ki.SYS BA0323AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text ane637ki.SYS BA0323C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text ane637ki.SYS BA0323C9 1 Byte [2E]
.text ane637ki.SYS BA0323C9 11 Bytes [2E, 00, 00, 00, 5A, 02, 00, ...]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Documents and Settings\Rinto\Desktop\gmer\gmer.exe[464] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\Explorer.EXE[704] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\winlogon.exe[952] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1004D18C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\winlogon.exe[952] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D1B4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
Re: Prosim o kontrolu logu-nenabehne windows
druha cast logu
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\RunDLL32.exe[1112] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\wcescomm.exe[1164] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\uTorrent\uTorrent.exe[1176] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
Re: Prosim o kontrolu logu-nenabehne windows
tretia cast
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[1184] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[1428] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1696] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtCreateThread 7C90D1AE 5 Bytes JMP 1004D5DC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1004D62C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSetContextThread 7C90DBAE 5 Bytes JMP 1004D604 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSetValueKey 7C90DDCE 5 Bytes JMP 1004D798 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSuspendProcess 7C90DE2E 5 Bytes JMP 1004D6F4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtSuspendThread 7C90DE3E 5 Bytes JMP 1004D6CC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtTerminateProcess 7C90DE6E 5 Bytes JMP 1004D744 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1004D770 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1004D7E8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1004D7C0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1004D514 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1004D53C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!CreateRemoteThread 7C8104CC 5 Bytes JMP 1004D838 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!DebugActiveProcess 7C85B0FB 5 Bytes JMP 1004D810 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1004D4EC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 1004DA68 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!FindWindowExW 7E41E0E3 5 Bytes JMP 1004D978 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeInitializeW 7E4206D7 5 Bytes JMP 1004DB58 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!ChangeDisplaySettingsExA 7E42384E 5 Bytes JMP 1004D3FC C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 1004D900 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 1004DC20 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageW 7E42929A 5 Bytes JMP 1004DB08 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 1004D8B0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!PostMessageA 7E42AAFD 5 Bytes JMP 1004DA90 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 1004DBF8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageTimeoutW 7E42CDAA 5 Bytes JMP 1004DA18 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendNotifyMessageW 7E42D64F 5 Bytes JMP 1004DAB8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageCallbackW 7E42D6DB 5 Bytes JMP 1004D9C8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendInput 7E42F140 5 Bytes JMP 1004D950 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageA 7E42F3C2 5 Bytes JMP 1004DB30 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageTimeoutA 7E42FB6B 5 Bytes JMP 1004DA40 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 1004DC48 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 1004D860 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!FindWindowExA 7E43214A 5 Bytes JMP 1004D9A0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendNotifyMessageA 7E453948 5 Bytes JMP 1004DAE0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeConnect 7E4581C3 5 Bytes JMP 1004DBD0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeConnectList 7E4584DE 5 Bytes JMP 1004DBA8 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!ChangeDisplaySettingsExW 7E4595BD 5 Bytes JMP 1004D3D4 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1004D888 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!ExitWindowsEx 7E45A275 5 Bytes JMP 1004D928 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!DdeInitializeA 7E45A8F6 5 Bytes JMP 1004DB80 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] USER32.dll!SendMessageCallbackA 7E46B129 5 Bytes JMP 1004D9F0 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 1004D49C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] ole32.dll!CoGetClassObject 775156C5 5 Bytes JMP 1004D474 C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
.text C:\WINDOWS\system32\spoolsv.exe[1988] SHELL32.dll!DllGetClassObject 7C9F28E9 5 Bytes JMP 1004D44C C:\Program Files\Agnitum\Outpost Firewall\wl_hook.dll (Winlogon Hooking/Agnitum Ltd.)
Re: Prosim o kontrolu logu-nenabehne windows
stvrta cast
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 898AC2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7508C4C] spxa.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7508CA0] spxa.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74D8040] spxa.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74D813C] spxa.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74D80BE] spxa.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74D87FC] spxa.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74D86D2] spxa.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 895FF2D8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlInitUnicodeString] F44D8B48
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!swprintf] C1815753
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeSetEvent] 00002590
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 467C8D51
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 76F6E84A
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] D88BFFFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmFreeMappingAddress] 8504C483
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 5F0A75DB
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 5B08438D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnmapIoSpace] 5DE58B5E
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 259068C3
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IofCompleteRequest] 006A0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 88F0E853
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IofCallDriver] 558DFFFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 90838DF8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 52000025
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoConnectInterrupt] 03895750
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDetachDevice] FFF363E8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeWaitForSingleObject] 0C458AFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeEvent] 8B104D8B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeCancelTimer] 43881855
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 1C458B08
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlInitAnsiString] 0F544389
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 89FF45B6
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoQueueWorkItem] 4D8B0C4B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmMapIoSpace] 50538920
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 8924558B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoReportDetectedDevice] 5389584B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0A43885C
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0646B60F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!NlsMbCodePageTag] A818C483
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoRequestPowerIrp] 8D7F743F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001A8C8B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] E0835100
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!sprintf] 7E8D503F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] B9E85728
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ObfDereferenceObject] 0F0000D1
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 8D0646B6
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 001B8093
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwClose] E0835200
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E857503F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 0000EBB4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 026B938D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoStartNextPowerIrp] C6830000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoCreateDevice] 0008B908
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlCopyUnicodeString] FA8B0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 758BA5F3
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 064E8A08
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwOpenKey] 883FE180
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 0002688B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoStartTimer] 06468A00
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeTimer] 8306E8C0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInitializeTimer] 023C18C4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeDpc] 02698388
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeSpinLock] 19750000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInitializeIrp] 028C838D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwCreateKey] 52500000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 00C143E8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 08C48300
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwSetValueKey] 0575C085
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInsertQueueDpc] EB08708D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 074E8A54
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoStartPacket] 026A8B88
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 83660000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 7601487E
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeMdl] 4AC68305
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnlockPages] F63302EB
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 5614558B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 75E85352
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 8BFFFFF4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 0CC483F0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeSynchronizeExecution] 2075F685
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoStartNextPacket] 050C7D80
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeBugCheckEx] 0092850F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 458B0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeSetTimer] E85350F8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_allmul] FFFFF848
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmProbeAndLockPages] 8408C483
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_except_handler3] BE7875C0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoSetPowerState] 00000008
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] F346E853
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlWriteRegistryValue] C483FFFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 00F46804
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_aulldiv] 838D0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!strstr] 00001A8C
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_strupr] E850006A
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeQuerySystemTime] FFFF87CA
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 0000F468
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeTickCount] 808B8D00
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 6A00001B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDeleteDevice] B7E85100
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 33FFFF87
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateWorkItem] 6B8389C0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateIrp] 89000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateMdl] 00026F83
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 73838900
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmLockPagableDataSection] 89000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 00027783
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 7B838900
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ExFreePoolWithTag] 89000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeIrp] 00027F83
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeWorkItem] 83838900
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!InitSafeBootMode] 53000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlCompareMemory] 02878389
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoCallDriver] 7FE80000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!memmove] 83FFFF68
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmHighestUserAddress] 8B5F1CC4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfAcquireSpinLock] C0840CEC
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!READ_PORT_UCHAR] 053C0D74
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KeGetCurrentIrql] 57B80974
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfRaiseIrql] 8B000000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfLowerIrql] 56C35DE5
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!HalGetInterruptVector] 8D08758B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!HalTranslateBusAddress] 8D51FC4D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KeStallExecutionProcessor] 8D52FD55
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfReleaseSpinLock] 8D51FE4D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 8D52FF55
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!READ_PORT_USHORT] 8D51F84D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 5052F455
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!WRITE_PORT_UCHAR] EACAE856
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[WMILIB.SYS!WmiSystemControl] 0FC08520
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[WMILIB.SYS!WmiCompleteRequest] 0001B185
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C83F40] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B7C83EE0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B7C83F90] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B7C841C0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B7C83EE0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C83F40] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B7C841C0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B7C83F90] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[996] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[996] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 899151F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \FatCdrom 89564500
AttachedDevice \Driver\Tcpip \Device\Ip FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\usbuhci \Device\USBPDO-0 895FE1F8
Device \Driver\usbuhci \Device\USBPDO-1 895FE1F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 898AA1F8
Device \Driver\dmio \Device\DmControl\DmConfig 898AA1F8
Device \Driver\dmio \Device\DmControl\DmPnP 898AA1F8
Device \Driver\dmio \Device\DmControl\DmInfo 898AA1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1FAE251F-2EE3-4C99-ADB6-2893DF0AD2BC} 880941F8
Device \Driver\usbuhci \Device\USBPDO-2 895FE1F8
Device \Driver\sptd \Device\1764434018 spxa.sys
Device \Driver\usbehci \Device\USBPDO-3 896861F8
AttachedDevice \Driver\Tcpip \Device\Tcp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Ftdisk \Device\HarddiskVolume1 899171F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 899171F8
Device \Driver\Cdrom \Device\CdRom0 896101F8
Device \Driver\Cdrom \Device\CdRom1 896101F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom2 896101F8
Device \Driver\USBSTOR \Device\00000080 880321F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 880941F8
Device \Driver\NetBT \Device\NetbiosSmb 880941F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{54D6AD21-AE01-40D1-ACD3-50BAA18C245D} 880941F8
AttachedDevice \Driver\Tcpip \Device\Udp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\PCI_PNP4018 \Device\0000005f spxa.sys
Device \Driver\PCI_PNP4018 \Device\0000005f spxa.sys
Device \Driver\usbuhci \Device\USBFDO-0 895FE1F8
Device \Driver\usbuhci \Device\USBFDO-1 895FE1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8808E1F8
Device \Driver\usbuhci \Device\USBFDO-2 895FE1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8808E1F8
Device \Driver\usbehci \Device\USBFDO-3 896861F8
Device \Driver\Ftdisk \Device\FtControl 899171F8
Device \Driver\USBSTOR \Device\0000007f 880321F8
Device \Driver\ane637ki \Device\Scsi\ane637ki1Port2Path0Target0Lun0 896621F8
Device \Driver\ane637ki \Device\Scsi\ane637ki1 896621F8
Device \FileSystem\Fastfat \Fat 89564500
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Cdfs \Cdfs 894AD500
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x79 0xF6 0x67 0x1C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x02 0x1E 0x62 0x2E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC7 0xB7 0xD4 0xE0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x79 0xF6 0x67 0x1C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x02 0x1E 0x62 0x2E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC7 0xB7 0xD4 0xE0 ...
---- EOF - GMER 1.0.15 ----
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 898AC2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7508C4C] spxa.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7508CA0] spxa.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74D8040] spxa.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74D813C] spxa.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74D80BE] spxa.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74D87FC] spxa.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74D86D2] spxa.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 895FF2D8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlInitUnicodeString] F44D8B48
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!swprintf] C1815753
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeSetEvent] 00002590
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 467C8D51
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 76F6E84A
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] D88BFFFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmFreeMappingAddress] 8504C483
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 5F0A75DB
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 5B08438D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnmapIoSpace] 5DE58B5E
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 259068C3
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IofCompleteRequest] 006A0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 88F0E853
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IofCallDriver] 558DFFFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 90838DF8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 52000025
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoConnectInterrupt] 03895750
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDetachDevice] FFF363E8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeWaitForSingleObject] 0C458AFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeEvent] 8B104D8B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeCancelTimer] 43881855
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 1C458B08
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlInitAnsiString] 0F544389
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 89FF45B6
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoQueueWorkItem] 4D8B0C4B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmMapIoSpace] 50538920
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 8924558B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoReportDetectedDevice] 5389584B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0A43885C
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0646B60F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!NlsMbCodePageTag] A818C483
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoRequestPowerIrp] 8D7F743F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001A8C8B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] E0835100
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!sprintf] 7E8D503F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] B9E85728
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ObfDereferenceObject] 0F0000D1
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 8D0646B6
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 001B8093
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwClose] E0835200
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E857503F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 0000EBB4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 026B938D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoStartNextPowerIrp] C6830000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoCreateDevice] 0008B908
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlCopyUnicodeString] FA8B0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 758BA5F3
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 064E8A08
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwOpenKey] 883FE180
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 0002688B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoStartTimer] 06468A00
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeTimer] 8306E8C0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInitializeTimer] 023C18C4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeDpc] 02698388
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInitializeSpinLock] 19750000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoInitializeIrp] 028C838D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwCreateKey] 52500000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 00C143E8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 08C48300
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ZwSetValueKey] 0575C085
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeInsertQueueDpc] EB08708D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 074E8A54
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoStartPacket] 026A8B88
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 83660000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 7601487E
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeMdl] 4AC68305
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnlockPages] F63302EB
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 5614558B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 75E85352
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 8BFFFFF4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 0CC483F0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeSynchronizeExecution] 2075F685
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoStartNextPacket] 050C7D80
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeBugCheckEx] 0092850F
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 458B0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeSetTimer] E85350F8
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_allmul] FFFFF848
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmProbeAndLockPages] 8408C483
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_except_handler3] BE7875C0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoSetPowerState] 00000008
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] F346E853
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlWriteRegistryValue] C483FFFF
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 00F46804
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_aulldiv] 838D0000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!strstr] 00001A8C
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!_strupr] E850006A
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeQuerySystemTime] FFFF87CA
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 0000F468
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!KeTickCount] 808B8D00
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 6A00001B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoDeleteDevice] B7E85100
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 33FFFF87
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateWorkItem] 6B8389C0
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateIrp] 89000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoAllocateMdl] 00026F83
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 73838900
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmLockPagableDataSection] 89000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 00027783
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 7B838900
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!ExFreePoolWithTag] 89000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeIrp] 00027F83
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!IoFreeWorkItem] 83838900
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!InitSafeBootMode] 53000002
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!RtlCompareMemory] 02878389
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!PoCallDriver] 7FE80000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!memmove] 83FFFF68
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[ntoskrnl.exe!MmHighestUserAddress] 8B5F1CC4
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfAcquireSpinLock] C0840CEC
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!READ_PORT_UCHAR] 053C0D74
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KeGetCurrentIrql] 57B80974
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfRaiseIrql] 8B000000
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfLowerIrql] 56C35DE5
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!HalGetInterruptVector] 8D08758B
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!HalTranslateBusAddress] 8D51FC4D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KeStallExecutionProcessor] 8D52FD55
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!KfReleaseSpinLock] 8D51FE4D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 8D52FF55
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!READ_PORT_USHORT] 8D51F84D
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 5052F455
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[HAL.dll!WRITE_PORT_UCHAR] EACAE856
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[WMILIB.SYS!WmiSystemControl] 0FC08520
IAT \SystemRoot\System32\Drivers\ane637ki.SYS[WMILIB.SYS!WmiCompleteRequest] 0001B185
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C83F40] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B7C83EE0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B7C83F90] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B7C841C0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B7C83EE0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B7C83F40] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B7C841C0] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B7C83F90] \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[996] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[996] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 899151F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \FatCdrom 89564500
AttachedDevice \Driver\Tcpip \Device\Ip FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\usbuhci \Device\USBPDO-0 895FE1F8
Device \Driver\usbuhci \Device\USBPDO-1 895FE1F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 898AA1F8
Device \Driver\dmio \Device\DmControl\DmConfig 898AA1F8
Device \Driver\dmio \Device\DmControl\DmPnP 898AA1F8
Device \Driver\dmio \Device\DmControl\DmInfo 898AA1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{1FAE251F-2EE3-4C99-ADB6-2893DF0AD2BC} 880941F8
Device \Driver\usbuhci \Device\USBPDO-2 895FE1F8
Device \Driver\sptd \Device\1764434018 spxa.sys
Device \Driver\usbehci \Device\USBPDO-3 896861F8
AttachedDevice \Driver\Tcpip \Device\Tcp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Ftdisk \Device\HarddiskVolume1 899171F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 899171F8
Device \Driver\Cdrom \Device\CdRom0 896101F8
Device \Driver\Cdrom \Device\CdRom1 896101F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom2 896101F8
Device \Driver\USBSTOR \Device\00000080 880321F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 880941F8
Device \Driver\NetBT \Device\NetbiosSmb 880941F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{54D6AD21-AE01-40D1-ACD3-50BAA18C245D} 880941F8
AttachedDevice \Driver\Tcpip \Device\Udp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp FILTNT.SYS (Virtual Firewall driver/Agnitum Ltd.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\PCI_PNP4018 \Device\0000005f spxa.sys
Device \Driver\PCI_PNP4018 \Device\0000005f spxa.sys
Device \Driver\usbuhci \Device\USBFDO-0 895FE1F8
Device \Driver\usbuhci \Device\USBFDO-1 895FE1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8808E1F8
Device \Driver\usbuhci \Device\USBFDO-2 895FE1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8808E1F8
Device \Driver\usbehci \Device\USBFDO-3 896861F8
Device \Driver\Ftdisk \Device\FtControl 899171F8
Device \Driver\USBSTOR \Device\0000007f 880321F8
Device \Driver\ane637ki \Device\Scsi\ane637ki1Port2Path0Target0Lun0 896621F8
Device \Driver\ane637ki \Device\Scsi\ane637ki1 896621F8
Device \FileSystem\Fastfat \Fat 89564500
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Cdfs \Cdfs 894AD500
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x79 0xF6 0x67 0x1C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x02 0x1E 0x62 0x2E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC7 0xB7 0xD4 0xE0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x79 0xF6 0x67 0x1C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x02 0x1E 0x62 0x2E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC7 0xB7 0xD4 0xE0 ...
---- EOF - GMER 1.0.15 ----
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu-nenabehne windows
C:\Windows\System32\Drivers\ane637ki.SYS otestujte na VIRUSTOTALu
jednoduchý návod: po načtení stránky, kliknout na Procházet, najít cestu k výše zmíněnému souboru a kliknout na tlačítko Odeslat soubor; pokud vyskočí hláška, že soubor byl už testován, ignorujte to a proveďte sken znova; po ukončení skenu sem vložte výsledky buď zkopírováním textu nebo vložením odkazu
jednoduchý návod: po načtení stránky, kliknout na Procházet, najít cestu k výše zmíněnému souboru a kliknout na tlačítko Odeslat soubor; pokud vyskočí hláška, že soubor byl už testován, ignorujte to a proveďte sken znova; po ukončení skenu sem vložte výsledky buď zkopírováním textu nebo vložením odkazu
Přispějete na provoz fóra?