Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Global Windows Support Phone Call?


  • Please log in to reply
14 replies to this topic

#1 FluffyPup

FluffyPup

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 29 March 2012 - 04:49 PM

I just got a call from someone claiming to be with Windows Global Support. They are calling because I have a Windows product that has been sending out errors. They feel I have an online infection and want to help me. Really?

They are right in that there are Errors and Warnings listed in the Computer Management Windows logs. I really don't know what to think.

Anyone else run into this?

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:39 PM

Posted 29 March 2012 - 05:00 PM

That would be called a scam.

#3 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,068 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:06:39 AM

Posted 29 March 2012 - 05:01 PM

This is a scam! Do not cooperate with these callers at all.

From http://www.microsoft.com/security/online-privacy/msname.aspx

Microsoft does not make unsolicited phone calls to help you fix your computer

In this scam cybercriminals call you and claim to be from Microsoft Tech Support. They offer to help solve your computer problems. Once the crooks have gained your trust, they attempt to steal from you and damage your computer with malicious software including viruses and spyware.

Although law enforcement can trace phone numbers, perpetrators often use pay phones, disposable cellular phones, or stolen cellular phone numbers. It's better to avoid being conned rather than try to repair the damage afterwards.

Treat all unsolicited phone calls with skepticism. Do not provide any personal information.

If you receive an unsolicited call from someone claiming to be from Microsoft Tech Support, hang up. We do not make these kinds of calls.

(emphasis is original)
See also: http://blogs.msdn.com/b/securitytipstalk/archive/2010/03/09/don-t-fall-for-phony-phone-tech-support.aspx

The 'errors' which the scammers showed you are most likely mundane and perfectly normal. If you have been experiencing problematic symptoms then we can help you with them; if not then ignore the calls (or report them to the authorities.)

Edited by Andrew, 29 March 2012 - 05:06 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.
x.png
Boredom Software Stop Highlighting Things

#4 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 29 March 2012 - 05:05 PM

Thank you for confirming that.

The website he directed me to is

www.thewindowscare.com

He was obviously calling from a boiler room.

He had me look in the Computer Management, Windows logs. He was right. There are several Red Errors and Warnings. Do I need to follow up on the Error or Warnings in the logs?

#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:39 PM

Posted 29 March 2012 - 05:06 PM

Well since you posted in the AII might as well get a check up:

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can. If you have performed any of the scans below post the logs for those scans, and then perform the ones you have not done.

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger then 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.[list]
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

Those red errors and warnings could be nothing, because sometimes Windows just doesn't work as we want.

#6 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,068 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:06:39 AM

Posted 29 March 2012 - 05:08 PM

He had me look in the Computer Management, Windows logs. He was right. There are several Red Errors and Warnings. Do I need to follow up on the Error or Warnings in the logs?

Most likely not. Errors which appear in the log are generally of the type "Hey, this thing happened but I took care of it or it's no big deal." Serious errors which require attention almost always get presented directly to the user.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.
x.png
Boredom Software Stop Highlighting Things

#7 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 29 March 2012 - 05:16 PM

:~)


The real question in the back of my mind was, "I am just walking out the door with an RMA for one of my computer. Maybe I don't need to ship it in for repair after all." Okay, I trust my troubleshooting more than a scammer. Still, I was hopeful I might have gotten out shipping. I am off to the shipping store. Will be back later to run through all of this with my second computer.

Love you guys!

Edited by FluffyPup, 29 March 2012 - 05:18 PM.


#8 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 30 March 2012 - 09:14 AM

Results of screen317's Security Check version 0.99.32
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Internet Security
ESET Online Scanner v3
SonicStage Mastering Studio Audio Filter Custom Preset
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

CCleaner
Java™ 7 Update 3
Adobe Flash Player 11.1.102.55
Adobe Reader X (10.1.2)
Mozilla Firefox (9.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Malwarebytes' Anti-Malware mbamservice.exe
Windows Defender MSASCui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````



Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.29.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19190
FluffyPup :: USER-PC [administrator]

3/29/2012 7:40:22 PM
mbam-log-2012-03-29 (19-40-22).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 912575
Time elapsed: 6 hour(s), 39 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:39 PM

Posted 30 March 2012 - 12:24 PM

Can you do the others?

#10 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 30 March 2012 - 03:30 PM

Yes. Something like work got in the way. :~)

Doing SuperAntiSpyware now.

#11 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 30 March 2012 - 06:47 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/30/2012 at 04:14 PM

Application Version : 5.0.1146

Core Rules Database Version : 8402
Trace Rules Database Version: 6214

Scan type : Complete Scan
Total Scan Time : 00:34:49

Operating System Information
Windows Vista Business 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 660
Memory threats detected : 0
Registry items scanned : 36631
Registry threats detected : 0
File items scanned : 30591
File threats detected : 0

#12 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 30 March 2012 - 07:42 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-30 17:18:43
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST9200420AS rev.3.AAA
Running: 5vv1qicm.exe; Driver: C:\Users\FLUFFY~1\AppData\Local\Temp\kxldapob.sys
---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x8FC1CDF8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x900CBA5A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0x8FC1D85E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x8FC222E4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x8FC22330]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x8FC22422]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x8FC22252]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0x8FC22374]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x8FC2229A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x8FC223DC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x8FC1CE44]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x900CBB34]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x8FC1CAD6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x8FC1CE90]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x8FC1FD1C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x8FC1DB02]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x8FC2230E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x8FC22352]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x8FC22446]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x8FC22278]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x8FC223AE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x8FC222C2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x8FC22400]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x900CBCA0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x8FC1D9CE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x8FC1CEDC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x8FC1CF28]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x8FC1CB46]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x8FC1CCEA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x8FC1CC92]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x8FC1CD5A]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x82FCC640]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x8FC1CF74]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwWriteVirtualMemory [0x900CBBE0]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x900E1D92]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 10D 81EFE890 4 Bytes [F8, CD, C1, 8F]
.text ntkrnlpa.exe!KeSetEvent + 131 81EFE8B4 4 Bytes [5A, BA, 0C, 90]
.text ntkrnlpa.exe!KeSetEvent + 191 81EFE914 4 Bytes [5E, D8, C1, 8F]
.text ntkrnlpa.exe!KeSetEvent + 1D1 81EFE954 8 Bytes [E4, 22, C2, 8F, 30, 23, C2, ...]
.text ntkrnlpa.exe!KeSetEvent + 1DD 81EFE960 4 Bytes [22, 24, C2, 8F]
.text ...
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8202962F 5 Bytes JMP 900DEC8C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 82082543 5 Bytes JMP 900E074C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110 8208BE68 4 Bytes CALL 8FC1E1B5 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121 8208FADC 4 Bytes CALL 8FC1E1CB \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 820E3DCA 7 Bytes JMP 900E1D96 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E200340, 0x3441C7, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\csrss.exe[624] KERNEL32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\spoolsv.exe[628] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\System32\spoolsv.exe[628] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\System32\spoolsv.exe[628] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000A03FC
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 000A0600
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 000A1014
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 000A0804
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 000A0A08
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 000A0C0C
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 000A0E10
.text C:\Windows\System32\spoolsv.exe[628] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000A01F8
.text C:\Windows\System32\spoolsv.exe[628] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00180600
.text C:\Windows\System32\spoolsv.exe[628] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00180804
.text C:\Windows\System32\spoolsv.exe[628] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00180A08
.text C:\Windows\System32\spoolsv.exe[628] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001801F8
.text C:\Windows\System32\spoolsv.exe[628] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001803FC
.text C:\Windows\system32\wininit.exe[684] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000301F8
.text C:\Windows\system32\wininit.exe[684] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000303FC
.text C:\Windows\system32\wininit.exe[684] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000903FC
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00090600
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00091014
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00090804
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00090A08
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00090C0C
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00090E10
.text C:\Windows\system32\wininit.exe[684] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000901F8
.text C:\Windows\system32\wininit.exe[684] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000A0600
.text C:\Windows\system32\wininit.exe[684] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000A0804
.text C:\Windows\system32\wininit.exe[684] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000A0A08
.text C:\Windows\system32\wininit.exe[684] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000A01F8
.text C:\Windows\system32\wininit.exe[684] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000A03FC
.text C:\Windows\system32\csrss.exe[696] KERNEL32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\services.exe[728] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\services.exe[728] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\services.exe[728] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000803FC
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00080600
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00081014
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00080804
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00080A08
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00080C0C
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00080E10
.text C:\Windows\system32\services.exe[728] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000801F8
.text C:\Windows\system32\services.exe[728] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00090600
.text C:\Windows\system32\services.exe[728] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00090804
.text C:\Windows\system32\services.exe[728] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00090A08
.text C:\Windows\system32\services.exe[728] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000901F8
.text C:\Windows\system32\services.exe[728] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000903FC
.text C:\Windows\system32\lsass.exe[740] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\lsass.exe[740] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\lsass.exe[740] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\lsass.exe[740] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\lsass.exe[740] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00090600
.text C:\Windows\system32\lsass.exe[740] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00090804
.text C:\Windows\system32\lsass.exe[740] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00090A08
.text C:\Windows\system32\lsass.exe[740] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000901F8
.text C:\Windows\system32\lsass.exe[740] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000903FC
.text C:\Windows\system32\lsm.exe[752] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\lsm.exe[752] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\lsm.exe[752] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\lsm.exe[752] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[888] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[888] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[888] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[888] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000C0600
.text C:\Windows\system32\svchost.exe[888] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000C0804
.text C:\Windows\system32\svchost.exe[888] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000C0A08
.text C:\Windows\system32\svchost.exe[888] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000C01F8
.text C:\Windows\system32\svchost.exe[888] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000C03FC
.text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[892] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[892] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000901F8
.text C:\Windows\system32\svchost.exe[964] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000903FC
.text C:\Windows\system32\svchost.exe[964] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000B03FC
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 000B0600
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 000B1014
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 000B0804
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 000B0A08
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 000B0C0C
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 000B0E10
.text C:\Windows\system32\svchost.exe[964] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000B01F8
.text C:\Windows\system32\svchost.exe[964] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 001C0600
.text C:\Windows\system32\svchost.exe[964] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 001C0804
.text C:\Windows\system32\svchost.exe[964] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 001C0A08
.text C:\Windows\system32\svchost.exe[964] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001C01F8
.text C:\Windows\system32\svchost.exe[964] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001C03FC
.text C:\Windows\System32\svchost.exe[1000] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[1000] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[1000] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\System32\svchost.exe[1000] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\System32\svchost.exe[1000] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000F0600
.text C:\Windows\System32\svchost.exe[1000] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000F0804
.text C:\Windows\System32\svchost.exe[1000] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000F0A08
.text C:\Windows\System32\svchost.exe[1000] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000F01F8
.text C:\Windows\System32\svchost.exe[1000] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000F03FC
.text C:\Windows\system32\winlogon.exe[1072] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000301F8
.text C:\Windows\system32\winlogon.exe[1072] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000303FC
.text C:\Windows\system32\winlogon.exe[1072] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000503FC
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00050600
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00051014
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00050804
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00050A08
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00050C0C
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00050E10
.text C:\Windows\system32\winlogon.exe[1072] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000501F8
.text C:\Windows\system32\winlogon.exe[1072] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00060600
.text C:\Windows\system32\winlogon.exe[1072] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00060804
.text C:\Windows\system32\winlogon.exe[1072] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00060A08
.text C:\Windows\system32\winlogon.exe[1072] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000601F8
.text C:\Windows\system32\winlogon.exe[1072] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000603FC
.text C:\Windows\System32\svchost.exe[1100] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[1100] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[1100] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\System32\svchost.exe[1100] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\System32\svchost.exe[1100] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00110600
.text C:\Windows\System32\svchost.exe[1100] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00110804
.text C:\Windows\System32\svchost.exe[1100] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00110A08
.text C:\Windows\System32\svchost.exe[1100] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001101F8
.text C:\Windows\System32\svchost.exe[1100] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001103FC
.text C:\Windows\System32\svchost.exe[1148] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[1148] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[1148] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\System32\svchost.exe[1148] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\System32\svchost.exe[1148] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00D00600
.text C:\Windows\System32\svchost.exe[1148] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00D00804
.text C:\Windows\System32\svchost.exe[1148] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00D00A08
.text C:\Windows\System32\svchost.exe[1148] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 00D001F8
.text C:\Windows\System32\svchost.exe[1148] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 00D003FC
.text C:\Windows\system32\svchost.exe[1160] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[1160] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[1160] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[1160] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[1160] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000D0600
.text C:\Windows\system32\svchost.exe[1160] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000D0804
.text C:\Windows\system32\svchost.exe[1160] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000D0A08
.text C:\Windows\system32\svchost.exe[1160] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000D01F8
.text C:\Windows\system32\svchost.exe[1160] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000D03FC
.text C:\Program Files\Apoint\Apntex.exe[1232] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001401F8
.text C:\Program Files\Apoint\Apntex.exe[1232] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001403FC
.text C:\Program Files\Apoint\Apntex.exe[1232] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Apoint\Apntex.exe[1232] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Program Files\Apoint\Apntex.exe[1232] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Program Files\Apoint\Apntex.exe[1232] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Program Files\Apoint\Apntex.exe[1232] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8

#13 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 30 March 2012 - 07:43 PM

.text C:\Program Files\Apoint\Apntex.exe[1232] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00180600
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00181014
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00180804
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00180A08
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00180C0C
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00180E10
.text C:\Program Files\Apoint\Apntex.exe[1232] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001801F8
.text C:\Windows\system32\AUDIODG.EXE[1264] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1300] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[1300] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[1300] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[1300] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[1400] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[1400] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[1400] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000C03FC
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 000C0600
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 000C1014
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 000C0804
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 000C0A08
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 000C0C0C
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 000C0E10
.text C:\Windows\system32\svchost.exe[1400] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000C01F8
.text C:\Windows\system32\svchost.exe[1400] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00C30600
.text C:\Windows\system32\svchost.exe[1400] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00C30804
.text C:\Windows\system32\svchost.exe[1400] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00C30A08
.text C:\Windows\system32\svchost.exe[1400] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 00C301F8
.text C:\Windows\system32\svchost.exe[1400] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 00C303FC
.text C:\Windows\System32\rundll32.exe[1500] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000601F8
.text C:\Windows\System32\rundll32.exe[1500] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000603FC
.text C:\Windows\System32\rundll32.exe[1500] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\rundll32.exe[1500] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00070600
.text C:\Windows\System32\rundll32.exe[1500] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00070804
.text C:\Windows\System32\rundll32.exe[1500] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00070A08
.text C:\Windows\System32\rundll32.exe[1500] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000701F8
.text C:\Windows\System32\rundll32.exe[1500] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000703FC
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000903FC
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00090600
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00091014
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00090804
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00090A08
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00090C0C
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00090E10
.text C:\Windows\System32\rundll32.exe[1500] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000901F8
.text C:\Windows\system32\svchost.exe[1556] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[1556] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[1556] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000803FC
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00080600
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00081014
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00080804
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00080A08
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00080C0C
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00080E10
.text C:\Windows\system32\svchost.exe[1556] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000801F8
.text C:\Windows\system32\svchost.exe[1556] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000C0600
.text C:\Windows\system32\svchost.exe[1556] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000C0804
.text C:\Windows\system32\svchost.exe[1556] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000C0A08
.text C:\Windows\system32\svchost.exe[1556] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000C01F8
.text C:\Windows\system32\svchost.exe[1556] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000C03FC
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001501F8
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001503FC
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00180600
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00181014
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00180804
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00180A08
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00180C0C
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00180E10
.text C:\Program Files\Protector Suite QL\upeksvr.exe[1656] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001801F8
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00080600
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00080804
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00080A08
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000801F8
.text C:\Program Files\Windows Defender\MSASCui.exe[1844] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000803FC
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1900] kernel32.dll!SetUnhandledExceptionFilter 7637A8C5 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1900] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\afwServ.exe[1952] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\SearchIndexer.exe[2100] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\SearchIndexer.exe[2100] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\SearchIndexer.exe[2100] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\SearchIndexer.exe[2100] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\SearchIndexer.exe[2100] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00100600
.text C:\Windows\system32\SearchIndexer.exe[2100] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00100804
.text C:\Windows\system32\SearchIndexer.exe[2100] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00100A08
.text C:\Windows\system32\SearchIndexer.exe[2100] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001001F8
.text C:\Windows\system32\SearchIndexer.exe[2100] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001003FC
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00970600
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00970804
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00970A08
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 009701F8
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 009703FC
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 009803FC
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00980600
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00981014
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00980804
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00980A08
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00980C0C
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00980E10
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!CreateServiceA 75BF72A1 3 Bytes JMP 009801F8
.text C:\Program Files\SUPERAntiSpyware\SASCORE.EXE[2148] ADVAPI32.dll!CreateServiceA + 4 75BF72A5 1 Byte [8A]
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001501F8
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001503FC
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00180600
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00181014
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00180804
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00180A08
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00180C0C
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00180E10
.text C:\Program Files\Common Files\Motive\McciCMService.exe[2348] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001801F8
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000D01F8
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000D03FC
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001103FC
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00110600
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00111014
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00110804
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00110A08
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00110C0C
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00110E10
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001101F8
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00120600
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00120804
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00120A08
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001201F8
.text C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2372] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001203FC
.text C:\Windows\system32\svchost.exe[2404] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[2404] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[2404] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[2404] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[2404] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00130600
.text C:\Windows\system32\svchost.exe[2404] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00130804
.text C:\Windows\system32\svchost.exe[2404] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00130A08
.text C:\Windows\system32\svchost.exe[2404] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001301F8
.text C:\Windows\system32\svchost.exe[2404] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001303FC
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000901F8
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000903FC
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000B03FC
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 000B0600
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 000B1014
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 000B0804
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 000B0A08
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 000B0C0C
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 000B0E10
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000B01F8
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00B10600
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00B10804
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00B10A08
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 00B101F8
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2420] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 00B103FC
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000D01F8
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000D03FC
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000F03FC
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 000F0600
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 000F1014
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 000F0804
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 000F0A08
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 000F0C0C
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 000F0E10
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000F01F8
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00100600
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00100804
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00100A08
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001001F8
.text C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2440] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001003FC
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001601F8
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001603FC
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00180600
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00181014
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00180804
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00180A08
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00180C0C
.text C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00180E10
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000401F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000403FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000603FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00060600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00061014
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00060804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00060A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00060C0C
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00060E10
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000601F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00070600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00070804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00070A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000701F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2576] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000703FC
.text C:\Windows\system32\stacsv.exe[2692] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001401F8
.text C:\Windows\system32\stacsv.exe[2692] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001403FC
.text C:\Windows\system32\stacsv.exe[2692] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001603FC
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00160600
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00161014
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00160804
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00160A08
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00160C0C
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00160E10
.text C:\Windows\system32\stacsv.exe[2692] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001601F8
.text C:\Windows\system32\stacsv.exe[2692] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Windows\system32\stacsv.exe[2692] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Windows\system32\stacsv.exe[2692] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Windows\system32\stacsv.exe[2692] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Windows\system32\stacsv.exe[2692] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Windows\system32\svchost.exe[2708] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[2708] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[2708] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[2708] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001401F8
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001403FC
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00160600
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00160804
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00160A08
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001601F8
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001603FC
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001703FC
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00170600
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00171014
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00170804
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00170A08
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00170C0C
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00170E10
.text C:\Program Files\Sony\VAIO Event Service\VESMgr.exe[2760] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001701F8
.text C:\Windows\System32\svchost.exe[2784] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[2784] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[2784] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\System32\svchost.exe[2784] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001401F8
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001403FC
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001603FC
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00160600
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00161014
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00160804
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00160A08
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00160C0C
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00160E10
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001601F8
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Windows\system32\DRIVERS\xaudio.exe[2872] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Apoint\Apoint.exe[2980] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001401F8
.text C:\Program Files\Apoint\Apoint.exe[2980] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001403FC
.text C:\Program Files\Apoint\Apoint.exe[2980] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Apoint\Apoint.exe[2980] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00160600
.text C:\Program Files\Apoint\Apoint.exe[2980] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00160804
.text C:\Program Files\Apoint\Apoint.exe[2980] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00160A08
.text C:\Program Files\Apoint\Apoint.exe[2980] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001601F8
.text C:\Program Files\Apoint\Apoint.exe[2980] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001603FC
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001703FC
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00170600
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00171014
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00170804
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00170A08
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00170C0C
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00170E10
.text C:\Program Files\Apoint\Apoint.exe[2980] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001701F8
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001501F8
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001503FC
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00180600
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00181014
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00180804
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00180A08
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00180C0C
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00180E10
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001801F8
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00190600
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00190804
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00190A08
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001901F8
.text C:\Program Files\Sony\ISB Utility\ISBMgr.exe[3012] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001903FC
.text C:\Windows\system32\WUDFHost.exe[3016] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\WUDFHost.exe[3016] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\WUDFHost.exe[3016] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\WUDFHost.exe[3016] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\WUDFHost.exe[3016] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00080600
.text C:\Windows\system32\WUDFHost.exe[3016] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00080804
.text C:\Windows\system32\WUDFHost.exe[3016] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00080A08
.text C:\Windows\system32\WUDFHost.exe[3016] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000801F8
.text C:\Windows\system32\WUDFHost.exe[3016] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000803FC
.text C:\Windows\system32\svchost.exe[3028] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[3028] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[3028] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[3028] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001401F8
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001403FC
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001803FC
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00180600
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00181014
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00180804
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00180A08
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00180C0C
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00180E10
.text C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe[3152] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001801F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000401F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000403FC
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000603FC
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00060600
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00061014
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00060804
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00060A08
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00060C0C
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00060E10
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000601F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00070600
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00070804
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00070A08
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000701F8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3496] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000703FC
.text C:\Windows\System32\rundll32.exe[3504] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000601F8
.text C:\Windows\System32\rundll32.exe[3504] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000603FC
.text C:\Windows\System32\rundll32.exe[3504] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\System32\rundll32.exe[3504] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Windows\System32\rundll32.exe[3504] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Windows\System32\rundll32.exe[3504] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Windows\System32\rundll32.exe[3504] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Windows\System32\rundll32.exe[3504] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001903FC
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00190600
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00191014
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00190804
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00190A08
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00190C0C
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00190E10
.text C:\Windows\System32\rundll32.exe[3504] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001901F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000C0600
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000C0804
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000C0A08
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000C01F8
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3572] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000C03FC
.text C:\Windows\system32\Dwm.exe[3624] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\Dwm.exe[3624] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\Dwm.exe[3624] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\Dwm.exe[3624] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\Dwm.exe[3624] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00080600
.text C:\Windows\system32\Dwm.exe[3624] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00080804
.text C:\Windows\system32\Dwm.exe[3624] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00080A08
.text C:\Windows\system32\Dwm.exe[3624] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000801F8
.text C:\Windows\system32\Dwm.exe[3624] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000803FC
.text C:\Windows\system32\taskeng.exe[3656] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\taskeng.exe[3656] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\taskeng.exe[3656] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\taskeng.exe[3656] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\taskeng.exe[3656] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 000C0600
.text C:\Windows\system32\taskeng.exe[3656] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 000C0804
.text C:\Windows\system32\taskeng.exe[3656] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 000C0A08
.text C:\Windows\system32\taskeng.exe[3656] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000C01F8
.text C:\Windows\system32\taskeng.exe[3656] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000C03FC
.text C:\Windows\Explorer.EXE[3692] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\Explorer.EXE[3692] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\Explorer.EXE[3692] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\Explorer.EXE[3692] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\Explorer.EXE[3692] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00080600
.text C:\Windows\Explorer.EXE[3692] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00080804
.text C:\Windows\Explorer.EXE[3692] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00080A08
.text C:\Windows\Explorer.EXE[3692] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000801F8
.text C:\Windows\Explorer.EXE[3692] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000803FC
.text C:\Windows\system32\taskeng.exe[3712] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 000501F8
.text C:\Windows\system32\taskeng.exe[3712] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 000503FC
.text C:\Windows\system32\taskeng.exe[3712] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 000703FC
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00070600
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00071014
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00070804
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00070A08
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00070C0C
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00070E10
.text C:\Windows\system32\taskeng.exe[3712] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 000701F8
.text C:\Windows\system32\taskeng.exe[3712] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00080600
.text C:\Windows\system32\taskeng.exe[3712] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00080804
.text C:\Windows\system32\taskeng.exe[3712] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00080A08
.text C:\Windows\system32\taskeng.exe[3712] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 000801F8
.text C:\Windows\system32\taskeng.exe[3712] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 000803FC
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001501F8
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001503FC
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001703FC
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00170600
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00171014
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00170804
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00170A08
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00170C0C
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00170E10
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001701F8
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00180600
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00180804
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00180A08
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001801F8
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3748] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001803FC
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ntdll.dll!LdrLoadDll 774F9378 5 Bytes JMP 001501F8
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ntdll.dll!LdrUnloadDll 7750B680 5 Bytes JMP 001503FC
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] USER32.dll!SetWindowsHookExA 76586322 5 Bytes JMP 00170600
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] USER32.dll!SetWindowsHookExW 765887AD 5 Bytes JMP 00170804
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] USER32.dll!UnhookWindowsHookEx 765898DB 5 Bytes JMP 00170A08
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] USER32.dll!SetWinEventHook 76589F3A 5 Bytes JMP 001701F8
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] USER32.dll!UnhookWinEvent 7658C06F 5 Bytes JMP 001703FC
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!CreateServiceW 75BB9EB4 5 Bytes JMP 001903FC
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!DeleteService 75BBA07E 5 Bytes JMP 00190600
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!SetServiceObjectSecurity 75BF6CD9 5 Bytes JMP 00191014
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!ChangeServiceConfigA 75BF6DD9 5 Bytes JMP 00190804
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!ChangeServiceConfigW 75BF6F81 5 Bytes JMP 00190A08
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!ChangeServiceConfig2A 75BF7099 5 Bytes JMP 00190C0C
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!ChangeServiceConfig2W 75BF71E1 5 Bytes JMP 00190E10
.text C:\Program Files\Apoint\ApMsgFwd.exe[3824] ADVAPI32.dll!CreateServiceA 75BF72A1 5 Bytes JMP 001901F8
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[4092] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]
.text C:\Users\FluffyPup\Desktop\5vv1qicm.exe[5612] kernel32.dll!GetBinaryTypeW + 70 763A2467 1 Byte [62]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1900] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [72EFF6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\AVAST Software\Avast\afwServ.exe[1952] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [72EFF6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CloseHandle] 7FCF15E5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7FF767AB
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 7FF76698
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7FF7066D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SizeofResource] 7FF60547
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 7FF604E9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FindResourceA] 7FF6036E
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!ReadFile] 7FF632CC
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7FF73828
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 7FF7815B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetFileAttributesExW] 7FF61D93
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SearchPathW] 7FF74760
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!_lclose] 7FF61818
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetFileSize] 7FF63DD8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OpenFile] 7FF64528
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW] 7FF66269
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FindFirstFileExW] 7FF6B739
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FindNextFileW] 7FF6B95F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetFileTime] 7FF63E91
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetPrivateProfileIntW] 7FF5E0C2
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!RaiseException] 7FF7C8D0
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibraryAndExitThread] 7FF77D7B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DuplicateHandle] 7FF65A0F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 7FF7094F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7FF76F3D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FindClose] 7FF6BC00
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WaitForSingleObject] 7FF7B3B5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FindResourceExW] 7FF604BB
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetLongPathNameW] 7FF6C632
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MapViewOfFile] 7FF68F59
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!UnmapViewOfFile] 7FF68F76
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileMappingW] 7FF6942A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7FF706C2
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FormatMessageW] 7FF7B82F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OutputDebugStringW] 7FF7B951
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetFilePointer] 7FF63F1F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeleteFileW] 7FF642D1
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MoveFileW] 7FF65D52
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 7FF63B27
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetCommandLineW] 7FF77B30
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!TerminateProcess] 7FF7716B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetFileAttributesW] 7FF61F31
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW] 7FF62E87
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 7FF76742
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WaitForSingleObject] 7FF7B3B5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] 7FF6BC00
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] 7FF6B3C1
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!IsBadReadPtr] 7FF7C7D9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DuplicateHandle] 7FF65A0F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualQuery] 7FF7C840
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 7FF76F3D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 7FF7815B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibraryAndExitThread] 7FF77D7B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!RaiseException] 7FF7C8D0
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!OutputDebugStringW] 7FF7B951
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetFilePointer] 7FF63F1F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!MapViewOfFileEx] 7FF68EF8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileMappingW] 7FF6942A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!MapViewOfFile] 7FF68F59
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!OpenFileMappingW] 7FF69536
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!UnmapViewOfFile] 7FF68F76
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] 7FF74760
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 7FF7B09E
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] 7FF642D1
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetCommandLineW] 7FF77B30
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetFileTime] 7FF66BD0
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LockFile] 7FF622ED
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!UnlockFile] 7FF62395
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileTime] 7FF63E91
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileType] 7FF65B6B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileSize] 7FF63DD8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 7FF7C729
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 7FF63B27
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileInformationByHandle] 7FF61A3C
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!TerminateProcess] 7FF7716B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] 7FF664B9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] 7FF61D93
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] 7FF62E87
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 7FF76742
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CloseHandle] 7FCF15E5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] 7FF61F31
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7FF706C2
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 7FF7094F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 7FF76698
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7FF73828
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7FF767AB
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!ReadFile] 7FF632CC
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualProtect] 7FF7C77A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 7FF707BD
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!LoadIconW] 7FF60341
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!SetWindowsHookExW] 7FF5F1B6
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!LoadCursorW] 7FF5FFF6
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!SetClipboardData] 7FF60D8F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!RegisterClassW] 7FF5FB1F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!UnregisterClassW] 7FF5FC9D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] 7FF5F8B8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateDialogParamW] 7FF5FD64
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] 7FF60A7A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [USER32.dll!LoadStringW] 7FF600C9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] 7FCF0680
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 7FCF16F5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenUserClassesRoot] 7FCEECA1
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyExW] 7FCF1F7F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumValueW] 7FCF0057
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyA] 7FCF1770
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyA] 7FCF249F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyW] 7FCEFF4D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteValueW] 7FCF2382
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyA] 7FCEFADC
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 7FCF167A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyW] 7FCF1978
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCloseKey] 7FCF15CA
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 7FCF0FD3
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] 7FCF0B58
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 7FCF25A4
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 7FCEF060
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] 7FCF08BF
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 7FCF0C77
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] 7FCF0AEE
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] 7FF5DE9F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] 7FF6B95F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileInformationByHandle] 7FF61A3C
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DuplicateHandle] 7FF65A0F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetCurrentDirectoryW] 7FF6693D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] 7FF5DCB6
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] 7FF5E2E5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] 7FF5E508
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualProtect] 7FF7C77A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 7FF7C729
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualQuery] 7FF7C840
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileTime] 7FF63E91
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SizeofResource] 7FF60547
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!OutputDebugStringW] 7FF7B951
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!OutputDebugStringA] 7FF7B902
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RaiseException] 7FF7C8D0
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] 7FF66898
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetExitCodeProcess] 7FF7B2B8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!TerminateProcess] 7FF7716B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ExitProcess] 7FF775B3
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] 7FF66269
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 7FF7815B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7FF76F3D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 7FF7B09E
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] 7FF65D52
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FormatMessageW] 7FF7B82F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] 7FF6B3C1
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] 7FF6BC00
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 7FF707BD
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibraryAndExitThread] 7FF77D7B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] 7FF663AA
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] 7FF61E80
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] 7FF74760
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFilePointer] 7FF63F1F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] 7FF5E0C2
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetEnvironmentVariableW] 7FCF2EF2
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] 7FF5D7FB
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!EnumResourceNamesW] 7FF60290
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 7FF63B27
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] 7FF66B23
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] 7FF642D1
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] 7FF6212A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] 7FF61F31
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindResourceW] 7FF60462
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 7FF604E9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileMappingW] 7FF6942A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MapViewOfFile] 7FF68F59
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!UnmapViewOfFile] 7FF68F76
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7FF706C2
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7FF767AB
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] 7FF664B9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 7FF7094F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 7FF76742
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7FF73828
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] 7FF62E87
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReadFile] 7FF632CC
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CloseHandle] 7FCF15E5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileTime] 7FF66BD0
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] 7FF61D93
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WaitForSingleObject] 7FF7B3B5
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 7FF76698
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] 7FF6C632
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileSize] 7FF63DD8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindResourceExW] 7FF604BB
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] 7FF5F1B6
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClassInfoExW] 7FF5F4B3
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] 7FF5F8B8
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetClipboardData] 7FF60D8F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadAcceleratorsW] 7FF5FE2B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClassInfoW] 7FF5F43B
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!RegisterClassExW] 7FF5FC38
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] 7FF6016C
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadMenuW] 7FF5FE66
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadStringA] 7FF60057
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!UnregisterClassW] 7FF5FC9D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadBitmapW] 7FF6003D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadCursorW] 7FF5FFF6
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!RegisterClassW] 7FF5FB1F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadIconW] 7FF60341
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] 7FF60A7A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadStringW] 7FF600C9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] 7FF5F531
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateDialogParamW] 7FF5FD64
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetMenu] 7FF60C0C
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] 7FCF0B58
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 7FCEF060
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] 7FCF08BF
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyW] 7FCF1978
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumValueW] 7FCF0057
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 7FCF25A4
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyW] 7FCEFF4D
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] 7FCF2382
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyA] 7FCEFADC
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyExW] 7FCF1F7F
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] 7FCF0680
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 7FCF0FD3
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 7FCF167A
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyW] 7FCEEFB9
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenCurrentUser] 7FCEEE34
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] 7FCF0A40
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 7FCF0C77
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] 7FCF0AEE
IAT C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe[2488] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCloseKey] 7FCF15CA
IAT C:\Program Files\AVAST Software\Avast\AvastUI.exe[4092] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [72EFF6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \Driver\tdx \Device\Tcp aswFW.SYS (avast! Filtering TDI driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswFW.SYS (avast! Filtering TDI driver/AVAST Software)

---- EOF - GMER 1.0.15 ----


How do we look?

#14 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:01:39 PM

Posted 30 March 2012 - 07:53 PM

All I see is that you should upgrade to IE9.

#15 FluffyPup

FluffyPup
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:06:39 AM

Posted 30 March 2012 - 10:20 PM

Great. Thank you for your help.

Have a wonderful weekend.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users