was referred here....video lagging (gopro, youtube, etc) [Solved]

got this error twice

Heres the 1st

OTL logfile created on: 1/4/2013 12:18:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.53 Gb Available Physical Memory | 37.00% Memory free
1.95 Gb Paging File | 1.28 Gb Available in Paging File | 65.60% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.08 Gb Total Space | 85.29 Gb Free Space | 60.03% Space Free | Partition Type: NTFS
Drive D: | 6.96 Gb Total Space | 1.19 Gb Free Space | 17.16% Space Free | Partition Type: FAT32

Computer Name: FAMILY | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/04 12:17:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\OTL.exe
PRC - [2013/01/02 22:49:54 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/12/04 19:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/10/30 17:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/19 13:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2012/10/15 10:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/10/08 09:05:40 | 002,804,224 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/04 05:39:22 | 002,043,392 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13010400\algo.dll
MOD - [2012/12/04 19:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012/12/04 19:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012/12/04 19:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012/12/04 19:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012/12/04 19:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012/12/04 19:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012/12/04 19:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012/12/04 19:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012/11/15 10:50:39 | 000,285,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\fdf7b7c00d9731c8b13336b3343e03ca\Inkjet.Automation.ni.dll
MOD - [2012/11/15 10:50:30 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\6a689c6fd59e6f27228c4e1d4a478087\Inkjet.DeviceSettings.ni.dll
MOD - [2012/11/15 10:50:29 | 000,236,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\7ca8c7f5170fba6107f9473231aadd29\Inkjet.Localization.ni.dll
MOD - [2012/11/15 10:50:08 | 000,294,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\c5a684e3a9b091b5e3ff5ca0a177db64\Inkjet.Utilities.ni.dll
MOD - [2012/11/15 10:50:05 | 000,859,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\51ff40cee8e42f712f5adfe7f7f4a369\Inkjet.Hardware.ni.dll
MOD - [2012/11/15 10:50:04 | 000,182,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\ea41fbcc3f67ef728563fe6efad5a924\Inkjet.Statistics.ni.dll
MOD - [2012/11/15 10:49:59 | 000,081,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\5379a40227a39198d4471a9559300f80\Inkjet.Configuration.ni.dll
MOD - [2012/11/15 10:49:58 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\0158bd5fb5906c5a26053c3fbd470340\Inkjet.Diagnostics.ni.dll
MOD - [2012/11/15 10:49:06 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7ec47c4afad694faa491abd6b45928a\System.Runtime.Remoting.ni.dll
MOD - [2012/11/15 10:48:46 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll
MOD - [2012/11/15 10:46:39 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll
MOD - [2012/11/15 10:46:24 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll
MOD - [2012/11/15 10:45:38 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll
MOD - [2012/11/15 10:41:45 | 007,977,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
MOD - [2012/11/15 10:41:21 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- F:\Program Files\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2013/01/03 19:01:00 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/02 22:49:54 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/11/29 02:27:36 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/19 13:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012/10/15 10:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COMPAQ~1.ALI\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/10/30 17:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 17:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 17:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 17:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/10/30 17:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/10/30 17:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/10/30 17:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/04/28 06:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/02/11 01:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/12/15 14:29:52 | 000,055,304 | ---- | M] (McAfee, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/02/13 13:02:51 | 000,011,520 | R--- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006/11/26 22:38:10 | 000,499,328 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MRVW245.sys -- (MRVW245)
DRV - [2005/09/23 14:26:40 | 001,094,751 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/08/29 16:11:00 | 003,644,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005/04/14 22:12:12 | 000,175,616 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 12:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003/11/05 16:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60071
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.c...spx?tb_id=60071
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.c...w=%s&tbid=60071
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://midco.net/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/01/04 08:42:12 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2163: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1212: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\RobloxVersions\version-cbdc8c4c0dd24338\\NPRobloxProxy.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/03 20:58:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/01/03 18:47:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Mozilla\Extensions
[2012/11/04 17:58:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Mozilla\Firefox\extensions
[2012/11/04 17:58:48 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2013/01/03 20:58:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/29 02:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/29 02:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/29 02:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\RobloxVersions\version-cbdc8c4c0dd24338\\NPRobloxProxy.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: BitTorrentControl_v12 = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.18.20_0\
CHR - Extension: Privacy SafeGuard = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh\1.1_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/07/15 07:46:48 | 000,411,385 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14242 more lines...
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBitT.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentControl_v12 Toolbar) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files\BitTorrentControl_v12\prxtbBitT.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.4; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; BRI/2)" -"http://www.miniclip....unt-driver/en/" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\NPJPI150_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%20Twist/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.micr...loadManager.cab (Microsoft Download Manager ActiveX control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%20Twist/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B79CD0E0-7DB7-4724-A9D0-ED3179536593}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8A4D516-9CE5-41BA-BF9A-4A66BED4DE35}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\My Pictures\untitled234.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\My Pictures\untitled234.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{ed2b7a70-9841-11df-97b1-0015f2e3a205}\Shell - "" = AutoRun
O33 - MountPoints2\{ed2b7a70-9841-11df-97b1-0015f2e3a205}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ed2b7a70-9841-11df-97b1-0015f2e3a205}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/04 08:35:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/01/03 20:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/03 20:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/01/03 18:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2013/01/03 18:47:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Mozilla
[2013/01/03 18:47:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/01/03 18:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/03 17:11:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Recent
[2013/01/02 23:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\ATI
[2013/01/02 23:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\ATI
[2013/01/02 23:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2013/01/02 23:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
[2013/01/02 23:10:57 | 000,000,000 | ---D | C] -- C:\ATI
[2013/01/02 22:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2013/01/02 22:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\SystemRequirementsLab
[2013/01/02 22:53:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Sun
[2013/01/02 22:19:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2013/01/02 22:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/02 22:16:23 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/01/02 22:16:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013/01/02 22:16:22 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/01/02 22:16:19 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/01/02 22:16:18 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/01/02 22:16:18 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/01/02 22:16:17 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013/01/02 22:16:17 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013/01/02 22:16:16 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013/01/02 22:15:31 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/01/02 22:15:30 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/01/02 22:15:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/01/02 22:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/12/27 20:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Start Menu\Programs\Demolition Derby and Figure 8 Race V1.22.3
[2012/12/27 20:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\DemoDerbyV1.22.3
[2012/12/27 18:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\brit
[2012/12/27 18:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\xmas
[2012/12/27 18:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\auction
[2012/12/27 18:49:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\My DVDs
[2012/12/10 17:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\Facebook
[2012/12/07 18:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\ParaNorman.2012.720p.BluRay.x264.DTS-HDChina
[2012/12/07 17:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Paranorman.2012.TS.NewAudio.XviD.AC3-ADTRG
[2012/09/22 02:17:56 | 000,800,824 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\LocalService\Application Data\DPInst.exe
[2012/09/22 02:17:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\LocalService\Application Data\gacutil.exe
[2012/09/22 02:17:56 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\LocalService\Application Data\PnPutil.exe
[1998/05/31 00:00:00 | 000,295,696 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\MSJTOR35.DLL

========== Files - Modified Within 30 Days ==========

[2013/01/04 12:28:40 | 002,509,878 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\screen.bmp
[2013/01/03 20:58:49 | 000,000,750 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/03 20:58:49 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/03 20:15:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/03 20:15:07 | 1541,984,256 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/03 20:01:08 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\Google Chrome.lnk
[2013/01/03 20:01:08 | 000,001,799 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/03 19:01:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/03 18:14:35 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/01/03 16:19:11 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd92f311c46cea.job
[2013/01/03 16:19:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/01/03 16:19:02 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2013/01/02 23:17:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2013/01/02 22:19:37 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/01/02 22:16:23 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/01/02 22:16:18 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/01/02 22:16:18 | 000,000,328 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/12/27 23:45:50 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/27 20:17:24 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\DD&F8R V1.22.3.lnk
[2012/12/27 07:40:48 | 003,586,765 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\DSCN0366.jpg
[2012/12/26 20:42:26 | 001,550,746 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\HERO3 MANUAL.pdf
[2012/12/23 10:30:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MSDraw.ini
[2012/12/21 06:17:43 | 000,376,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/12/13 07:19:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/09 18:47:54 | 000,446,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/09 18:47:54 | 000,073,620 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/07 17:55:45 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/12/07 17:55:44 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2013/01/04 12:28:39 | 002,509,878 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\screen.bmp
[2013/01/03 20:58:49 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/03 20:58:49 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/03 20:58:49 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/03 20:01:08 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\Google Chrome.lnk
[2013/01/03 20:01:08 | 000,001,799 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/03 18:53:28 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/02 23:17:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/01/02 23:12:54 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2013/01/02 22:19:37 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/01/02 22:16:23 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/01/02 22:16:18 | 000,000,328 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/12/27 20:17:24 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\DD&F8R V1.22.3.lnk
[2012/12/27 07:40:46 | 003,586,765 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Desktop\DSCN0366.jpg
[2012/12/26 20:42:26 | 001,550,746 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\HERO3 MANUAL.pdf
[2012/12/23 10:30:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2012/11/29 22:02:16 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\dt.dat
[2012/11/23 11:40:01 | 000,000,289 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2012/11/04 20:26:31 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2012/09/22 02:17:56 | 000,000,181 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\gacutil.exe.config
[2012/08/02 15:47:12 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\rbxcsettings.rbx
[2012/02/27 23:02:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/27 18:19:31 | 000,005,733 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\r
[2011/02/15 20:50:46 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\fusioncache.dat
[2009/07/23 12:51:25 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/06 18:01:26 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\default.pls
[2009/06/27 14:52:05 | 000,002,240 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\wklnhst.dat

========== ZeroAccess Check ==========

[2005/11/27 14:23:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/11/10 14:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2013/01/02 22:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2006/06/24 17:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/09/07 01:49:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/07/04 17:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FirmTools
[2009/09/27 15:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/10/01 21:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2012/11/02 15:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrintProjects
[2006/06/16 13:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2010/07/15 10:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/11/02 15:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2007/12/08 15:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2007/12/12 20:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/10/01 17:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/09/07 01:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\AVG2012
[2010/07/14 14:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\AVGTOOLBAR
[2010/09/11 23:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Big Fish Games
[2013/01/03 17:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\BitTorrent
[2010/09/06 12:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\BlamGames
[2010/09/11 23:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\ERS G-Studio
[2010/09/12 00:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Friday's games
[2009/07/20 01:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\funkitron
[2011/01/01 16:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\LimeWire
[2010/10/01 21:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\PlayFirst
[2011/09/07 01:30:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\PriceGong
[2009/06/11 21:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Skinux
[2010/07/25 20:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\SpinTop
[2013/01/02 22:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\SystemRequirementsLab
[2011/09/07 01:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Temp
[2009/07/31 02:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner.ALICE\Application Data\Template

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 05:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/02/06 05:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 18:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 18:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 11:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 04:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 06:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SVCHOST.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 18:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:67569BBB
@Alternate Data Stream - 190 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FBE5B8B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

second

OTL Extras logfile created on: 1/4/2013 12:18:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.44 Gb Total Physical Memory | 0.53 Gb Available Physical Memory | 37.00% Memory free
1.95 Gb Paging File | 1.28 Gb Available in Paging File | 65.60% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.08 Gb Total Space | 85.29 Gb Free Space | 60.03% Space Free | Partition Type: NTFS
Drive D: | 6.96 Gb Total Space | 1.19 Gb Free Space | 17.16% Space Free | Partition Type: FAT32

Computer Name: FAMILY | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company)
"C:\Program Files\DemoDerbyV1.22.3\DD&F8R.exe" = C:\Program Files\DemoDerbyV1.22.3\DD&F8R.exe:*:Enabled:Demolition Derby & Figure 8 Race Application -- (Auxiliary Power, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{02F6993D-B763-4F40-8F93-2A9CD97586E3}" = Microsoft IntelliType Pro 6.3
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1A722192-4AEA-4911-9F71-EBECEDC970B5}" = Newsflash
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3134052E-B1F0-465C-B320-5042095B1033}" = Nero 7 Essentials
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3513E1A8-276E-46B6-8EDF-14730D167D97}" = ProVenture Invoices
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{382E94C0-6E22-44e4-B003-8EB31DFE296F}" = cp_LightScribeConfig
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B445837-4FD0-468D-9CAA-7AA605EA612B}" = OLYMPUS Master 2
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}" = System Requirements Lab for Intel
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A974B6-F864-41AE-9F5A-0AAF7D40E884}" = PrintMaster 16
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A385AA5D-4B9C-4BB4-A3D9-8BA006D6E831}" = D-Link Wireless N USB Adapter DWA-130
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7FB6B99-C93C-4818-825B-37EF4B64C80C}" = PS_AIO_02_Software
"{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1" = Privacy SafeGuard version 1.1
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C104580B-1C79-4d73-9BF0-CA0B184296A4}" = cp_LightScribePlugin
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D25BDCF5-19F6-4d9e-B9C9-273FE81446C4}" = PS_AIO_02_ProductContext
"{D64BC2CF-0F12-47d7-B412-B4F3FD684253}" = HP Photosmart All-In-One Software 9.0
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DAF8B012-D559-4B8D-95C0-D98E1172E5C3}" = My Wal-Mart Digital Photo Center
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DCF4BA95-FDA5-4db4-9A39-CEC79F27D157}" = C8100
"{DDAC27F9-8293-465f-A4B0-011F1D38BBA1}" = RoxioShim
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{DE0110DE-30F8-4fc6-A537-D8328DB71869}" = C8100_doccd
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF0D2E55-6FE2-4e35-BE22-A742E85D84E3}" = PS_AIO_02_Software_min
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FE0AEC06-19B2-4eed-AB04-89E9EF546F73}" = C8100_Help
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"BitTorrentControl_v12 Toolbar" = BitTorrentControl_v12 Toolbar
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"Compaq Game Console" = Compaq Game Console and games
"Dark Tales - Edgar Allan Poes Murders in the Rue Morgue Collectors Edition 1.00" = Dark Tales - Edgar Allan Poes Murders in the Rue Morgue Collectors Edition 1.00
"Dream Cars 1.00" = Dream Cars 1.00
"Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 2.2.1
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Las Vegas Super Casino" = Las Vegas Super Casino
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Natalie Brooks Secrets of Treasure House 1.00" = Natalie Brooks Secrets of Treasure House 1.00
"OpDKey" = Operation
"PrintProjects" = PrintProjects
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"Shockwave" = Shockwave
"Slots 100" = Slots 100
"VLC media player" = VLC media player 1.1.11
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Compaq_Owner

========== Last 20 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >

GMER report

GMER 2.0.18327 - http://www.gmer.net
Rootkit scan 2013-01-04 16:59:16
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12 SAMSUNG_SP1604N/R rev.TM100-24 149.05GB
Running: ozsch28y.exe; Driver: C:\DOCUME~1\COMPAQ~1.ALI\LOCALS~1\Temp\uwldypod.sys

---- System - GMER 2.0 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xB4EE14BA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB4F8EC22]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0xB4EE1ED6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xB4F23811]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xB4EECFA8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xB4EECFF4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xB4EED176]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xB4F231C5]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xB4EECF16]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xB4EED038]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xB4EECF5E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0xB4EE211C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xB4EED130]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0xB4EE293E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xB4EE1508]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xB4F23ED7]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xB4F2418D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xB4EE61C2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB4F23D42]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB4F23BAD]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB4F8ECEA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xB4EE1170]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xB4EE1556]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xB4EE6534]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xB4EE33A6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xB4EECFD2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xB4EED016]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xB4EED19A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xB4F23521]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xB4EECF3C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xB4EE5C3E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xB4EED0BA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xB4EECF86]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xB4EE5F14]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xB4EED154]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB4F8EE4A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xB4F23A28]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xB4EE3272]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xB4F2387A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThread [0xB4EE2DD4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB4F9B7D2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xB4F22838]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xB4EE15A4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xB4EE15F2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0xB4EE27BE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xB4EE11FA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xB4EE13AA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xB4F23FDE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xB4EE1350]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0xB4EE2AF8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0xB4EE2C54]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xB4EE141A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateProcess [0xB4EE24D4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0xB4EE2636]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwUnloadDriver [0xB4F8D41C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xB4EE1640]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwWriteVirtualMemory [0xB4EE1F1A]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB4FA7E56]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 2.0 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2D28 80504620 4 Bytes JMP 9CB4F8EC
.text ntkrnlpa.exe!ZwCallbackReturn + 2F28 80504820 12 Bytes [A4, 15, EE, B4, F2, 15, EE, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD0 805048C8 12 Bytes [F8, 2A, EE, B4, 54, 2C, EE, ...]
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A64B0 4 Bytes CALL B4EE3A77 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC55E 5 Bytes JMP B4FA4CF6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2FE2 5 Bytes JMP B4FA6810 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D119A 7 Bytes JMP B4FA7E5A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB98FC000, 0x1C5D38, 0xE8000020]
.text win32k.sys!EngFreeUserMem + 674 BF80991D 5 Bytes JMP B4EE7B4C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFreeUserMem + 35D0 BF80C879 5 Bytes JMP B4EE7A3C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSurface + 45 BF813911 5 Bytes JMP B4EE79F6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 11D3 BF81C56B 5 Bytes JMP B4EE70A8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetLastError + 79A8 BF8240DB 5 Bytes JMP B4EE67C4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + F9C BF828A45 5 Bytes JMP B4EE7CB6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + 2C50 BF831490 5 Bytes JMP B4EE7EBE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + B687 BF839EC7 5 Bytes JMP B4EE78FC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!FONTOBJ_pxoGetXform + C2CF BF85176B 5 Bytes JMP B4EE6688 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + F17 BF85BC9A 5 Bytes JMP B4EE716A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 3581 BF85E304 5 Bytes JMP B4EE6C1E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 360C BF85E38F 5 Bytes JMP B4EE6EE4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + 88 BF85F600 5 Bytes JMP B4EE6670 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + 5466 BF8649DE 5 Bytes JMP B4EE7A86 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 3651 BF87322E 5 Bytes JMP B4EE6CDE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 418E BF873D6B 5 Bytes JMP B4EE6E9E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetLastError + 1606 BF890E66 5 Bytes JMP B4EE7182 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 26EE BF894410 5 Bytes JMP B4EE7BFE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 583 BF894EE8 5 Bytes JMP B4EE7E1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 3862 BF89C29E 5 Bytes JMP B4EE7090 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 4DF7 BF89D833 5 Bytes JMP B4EE6834 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngEraseSurface + A977 BF8C1CCC 5 Bytes JMP B4EE6944 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1517 BF8CA15D 5 Bytes JMP B4EE6A1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1797 BF8CA3DD 5 Bytes JMP B4EE6B48 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 3B2E BF8EBD71 5 Bytes JMP B4EE656A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + CB31 BF8F4D74 5 Bytes JMP B4EE70C0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 1A40 BF914401 5 Bytes JMP B4EE6760 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 2614 BF914FD5 5 Bytes JMP B4EE68F0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4F8D BF91794E 5 Bytes JMP B4EE6FFE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1934 BF947AAD 5 Bytes JMP B4EE7D74 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)

---- User code sections - GMER 2.0 ----

.text C:\WINDOWS\Explorer.EXE[128] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002C01F8
.text C:\WINDOWS\Explorer.EXE[128] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[128] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002C03FC
.text C:\WINDOWS\Explorer.EXE[128] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00371014
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00370804
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00370A08
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00370C0C
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00370E10
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003701F8
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003703FC
.text C:\WINDOWS\Explorer.EXE[128] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00370600
.text C:\WINDOWS\Explorer.EXE[128] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 01AE0804
.text C:\WINDOWS\Explorer.EXE[128] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 01AE0A08
.text C:\WINDOWS\Explorer.EXE[128] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 01AE0600
.text C:\WINDOWS\Explorer.EXE[128] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 01AE01F8
.text C:\WINDOWS\Explorer.EXE[128] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 01AE03FC
.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[192] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[192] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[192] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[192] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[388] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[388] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[388] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[388] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00B31014
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00B30804
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00B30A08
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00B30C0C
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00B30E10
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 00B301F8
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 00B303FC
.text C:\WINDOWS\system32\svchost.exe[388] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00B30600
.text C:\WINDOWS\System32\smss.exe[496] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003D1014
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003D0804
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003D0A08
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003D0C0C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003D0E10
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003D01F8
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003D03FC
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[560] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003D0600
.text C:\WINDOWS\system32\csrss.exe[576] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[576] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[616] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[616] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[664] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[664] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[676] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[676] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[828] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[828] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[864] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[864] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[900] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[900] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00BD1014
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00BD0804
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00BD0A08
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00BD0C0C
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00BD0E10
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 00BD01F8
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 00BD03FC
.text C:\WINDOWS\system32\svchost.exe[900] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00BD0600
.text C:\WINDOWS\system32\svchost.exe[900] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00B70804
.text C:\WINDOWS\system32\svchost.exe[900] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00B70A08
.text C:\WINDOWS\system32\svchost.exe[900] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00B70600
.text C:\WINDOWS\system32\svchost.exe[900] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 00B701F8
.text C:\WINDOWS\system32\svchost.exe[900] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 00B703FC
.text C:\WINDOWS\system32\svchost.exe[948] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[948] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1028] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1028] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003D1014
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003D0804
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003D0A08
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003D0C0C
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003D0E10
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003D01F8
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003D03FC
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003D0600
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003E0804
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003E0600
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Java\jre7\bin\jqs.exe[1056] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\system32\svchost.exe[1064] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1064] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[1100] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\Ati2evxx.exe[1100] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1200] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1200] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1216] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[1216] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1216] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[1216] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00A61014
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00A60804
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00A60A08
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00A60C0C
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00A60E10
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 00A601F8
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 00A603FC
.text C:\WINDOWS\system32\svchost.exe[1216] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00A60600
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 006E1014
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 006E0804
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 006E0A08
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 006E0C0C
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 006E0E10
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 006E01F8
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 006E03FC
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 006E0600
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 04F20804
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 04F20A08
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 04F20600
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 04F201F8
.text C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe[1280] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 04F203FC
.text C:\WINDOWS\system32\svchost.exe[1300] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1300] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1388] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1388] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1388] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, E4, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, E7, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, E4, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, E5, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91C2FE
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, E6, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, E5, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, E6, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91C36F
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, E4, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91C49D
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, E5, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, E6, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, E7, EC, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 011601F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 011603FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 014B1014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 014B0804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 014B0A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 014B0C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 014B0E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 014B01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 014B03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 014B0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 01C90804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 01C90A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 01C90600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 01C901F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1424] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 01C903FC
.text C:\WINDOWS\system32\spoolsv.exe[1440] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1440] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe[1860] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe[1860] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe[1860] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe[1860] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, B4, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, B7, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, B4, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, B5, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91D0CE
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, B6, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, B5, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, B6, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91D13F
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, B4, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91D26D
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, B5, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, B6, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, B7, FA, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 012301F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 012303FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 01801014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 01800804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 01800A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 01800C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 01800E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 018001F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 018003FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 01800600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 01FE0804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 01FE0A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 01FE0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 01FE01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[1936] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 01FE03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 54, A5, 00] {SUB [EBP+0x0], DL}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 57, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 54, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 55, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B917B6E
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 56, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 55, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 56, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B917BDF
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 54, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B917D0D
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 55, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 56, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 57, A5, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00CF01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00CF03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 01041014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 01040804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 01040A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 01040C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 01040E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 010401F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 010403FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 01040600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 01820804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 01820A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 01820600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 018201F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2060] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 018203FC
.text C:\WINDOWS\System32\alg.exe[2308] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002C01F8
.text C:\WINDOWS\System32\alg.exe[2308] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2308] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002C03FC
.text C:\WINDOWS\System32\alg.exe[2308] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe[2576] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe[2576] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe[2576] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe[2576] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[3080] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[3080] kernel32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3276] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002C01F8
.text C:\WINDOWS\System32\svchost.exe[3276] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3276] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002C03FC
.text C:\WINDOWS\System32\svchost.exe[3276] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 009C1014
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 009C0804
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 009C0A08
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 009C0C0C
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 009C0E10
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 009C01F8
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 009C03FC
.text C:\WINDOWS\System32\svchost.exe[3276] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 009C0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 58, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 5B, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 58, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 59, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B917572
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 5A, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 59, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 5A, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9175E3
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 58, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B917711
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 59, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 5A, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 5B, 9F, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00C801F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 00C803FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00FD1014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00FD0804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00FD0A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00FD0C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00FD0E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 00FD01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 00FD03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00FD0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 017B0804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 017B0A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 017B0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 017B01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3340] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 017B03FC
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003E1014
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003E0804
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003E0A08
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003E0C0C
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003E0E10
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003E01F8
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003E03FC
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003E0600
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003F0804
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003F0A08
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003F0600
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003F01F8
.text C:\Documents and Settings\Compaq_Owner.ALICE\My Documents\Downloads\ozsch28y.exe[3372] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003F03FC
.text C:\WINDOWS\system32\wuauclt.exe[3640] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 002D01F8
.text C:\WINDOWS\system32\wuauclt.exe[3640] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[3640] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 002D03FC
.text C:\WINDOWS\system32\wuauclt.exe[3640] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00901014
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00900804
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00900A08
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00900C0C
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00900E10
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 009001F8
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 009003FC
.text C:\WINDOWS\system32\wuauclt.exe[3640] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00900600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, D8, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, DB, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, D8, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, D9, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9103F2
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, DA, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, D9, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, DA, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B910463
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, D8, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B910591
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, D9, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, DA, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, DB, 2D, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 006B01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 006B03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00A01014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00A00804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00A00A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00A00C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00A00E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 00A001F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 00A003FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00A00600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 011E0804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 011E0A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 011E0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 011E01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3656] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 011E03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 003801F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 003803FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00EC1014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00EC0804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00EC0A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00EC0C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00EC0E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 00EC01F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 00EC03FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00EC0600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 01580804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 01580A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 01580600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 015801F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3972] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 015803FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, D4, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, D7, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, D4, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, D5, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ECEE
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, D6, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, D5, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, D6, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED5F
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, D4, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EE8D
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, D5, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, D6, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, D7, 16, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 005401F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!RtlDosSearchPath_U + 186 7C916865 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ntdll.dll!LdrUnloadDll 7C9171CD 5 Bytes JMP 005403FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] KERNEL32.dll!GetBinaryTypeW + 80 7C868E04 1 Byte [62]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00891014
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00890804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00890A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00890C0C
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00890E10
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 008901F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 008903FC
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00890600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 01070804
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 01070A08
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 01070600
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 010701F8
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3996] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 010703FC

---- User IAT/EAT - GMER 2.0 ----

IAT C:\WINDOWS\system32\services.exe[664] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[664] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1388] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6D0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[1424] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 01000010
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[1936] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 010D0010
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[2060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00B90010
IAT C:\Program Files\AVAST Software\Avast\avastUI.exe[3080] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C8F6D0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3340] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00B20010
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3656] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00550010
IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3996] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002A0010

---- EOF - GMER 2.0 ----

was referred here....video lagging (gopro, youtube, etc) [Solved]

#1
demozast

Posted 03 January 2013 - 09:06 PM

Advertisements

#2
maliprog

Posted 04 January 2013 - 01:34 AM

#3
demozast

Posted 04 January 2013 - 04:59 PM

#4
maliprog

Posted 05 January 2013 - 06:07 AM

#5
maliprog

Posted 10 January 2013 - 01:38 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

was referred here....video lagging (gopro, youtube, etc) [Solved]

#1 demozast Posted 03 January 2013 - 09:06 PM

Advertisements

#2 maliprog Posted 04 January 2013 - 01:34 AM

#3 demozast Posted 04 January 2013 - 04:59 PM

#4 maliprog Posted 05 January 2013 - 06:07 AM

#5 maliprog Posted 10 January 2013 - 01:38 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
demozast

Posted 03 January 2013 - 09:06 PM

#2
maliprog

Posted 04 January 2013 - 01:34 AM

#3
demozast

Posted 04 January 2013 - 04:59 PM

#4
maliprog

Posted 05 January 2013 - 06:07 AM

#5
maliprog

Posted 10 January 2013 - 01:38 AM