
WOW Account Hacked Possible Key Logger


  • This topic is locked
17 replies to this topic

#1 Bluabnshee


Posted 12 June 2010 - 09:18 AM

Hi Guys,

I recently had my WOW account hacked and Blizzard says it's because I have a key logger. I don't think it's on my end but I wanted to make sure. This is really the only problem I have. The computer is running fine because I only use this computer for gaming most of the time. I have posted an up-to-date HijackThis log below.

Thanks for any help, Corey

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:13:11 AM, on 6/12/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Corey Malone\Local Settings\Apps\2.0\19XN19EG.KPC\7TAPVRE7.J96\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [meperebavu] Rundll32.exe "C:\WINDOWS\System32\nitokima.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [meperebavu] Rundll32.exe "C:\WINDOWS\System32\nitokima.dll",s (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1238350673968
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7396 bytes

Edited by Orange Blossom, 12 June 2010 - 04:43 PM.
Move to log forum. ~ OB




#2 etavares

  • Malware Response Team

Posted 16 June 2010 - 05:35 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

We need to create an OTL report:
  • Please download OTL from this link.
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    activex
    drivers32
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


In your reply, please post both OTL logs and the GMER log.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#3 Bluabnshee


Posted 20 June 2010 - 01:27 AM

Thanks so much for your help. I just mainly want to make sure I don't have a key logger on my computer because my World of Warcraft account was taken over. I have run SUPERAntiSpyware and Malwarebytes. They came up clean.

Thanks, Corey

OTL Log Report:

OTL logfile created on: 6/20/2010 1:13:15 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Corey Malone\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 113.00 Gb Free Space | 37.91% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
Drive F: | 149.01 Gb Total Space | 126.75 Gb Free Space | 85.06% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SOUTHERN-T9IVW0
Current User Name: Corey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/20 01:11:51 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Corey Malone\Desktop\OTL.exe
PRC - [2010/06/11 16:48:04 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/24 07:49:45 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/24 18:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007/07/17 19:08:45 | 002,094,352 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2007/07/17 18:30:12 | 000,414,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
PRC - [2007/07/17 18:30:03 | 001,687,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2007/07/17 18:29:52 | 000,460,048 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
PRC - [2007/07/17 18:29:34 | 000,479,504 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
PRC - [2007/07/17 18:29:24 | 000,278,288 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/05/11 14:15:44 | 000,503,808 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Common Files\PFShared\UmxCfg.exe
PRC - [2005/05/10 16:51:58 | 000,172,032 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Tiny Firewall\UmxTray.exe
PRC - [2005/04/22 12:41:12 | 000,081,920 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Tiny Firewall\UmxFwHlp.exe
PRC - [2005/04/13 11:51:30 | 000,397,312 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Tiny Firewall\UmxAgent.exe
PRC - [2005/03/09 17:02:04 | 000,098,304 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Common Files\PFShared\umxlu.exe
PRC - [2004/09/21 15:58:42 | 000,196,676 | ---- | M] (Tiny Software Inc.) -- C:\Program Files\Common Files\PFShared\UmxPol.exe
PRC - [2004/04/06 16:49:02 | 000,454,656 | ---- | M] () -- C:\Program Files\Belkin\Nostromo\nost_LM.exe
PRC - [2001/12/13 01:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE
PRC - [2001/11/23 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE


========== Modules (SafeList) ==========

MOD - [2010/06/20 01:11:51 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Corey Malone\Desktop\OTL.exe
MOD - [2009/09/27 19:20:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2009/09/24 00:45:14 | 001,624,680 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/04/26 19:28:22 | 000,180,224 | ---- | M] (Tiny Software Inc.) -- C:\WINDOWS\system32\UmxSbxw.dll
MOD - [2005/04/26 19:27:52 | 000,065,536 | ---- | M] (Tiny Software Inc.) -- C:\WINDOWS\system32\UmxSbxExw.dll
MOD - [2004/08/04 01:01:17 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2003/11/03 16:34:20 | 000,053,248 | ---- | M] (eTEK Labs) -- C:\Program Files\Belkin\Nostromo\nost_FSH.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005/05/11 14:15:44 | 000,503,808 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Common Files\PFShared\UmxCfg.exe -- (UmxCfg)
SRV - [2005/04/22 12:41:12 | 000,081,920 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Tiny Firewall\UmxFwHlp.exe -- (UmxFwHlp)
SRV - [2005/04/13 11:51:30 | 000,397,312 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Tiny Firewall\UmxAgent.exe -- (UmxAgent)
SRV - [2005/03/09 17:02:04 | 000,098,304 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Common Files\PFShared\umxlu.exe -- (UmxLU)
SRV - [2004/09/21 15:58:42 | 000,196,676 | ---- | M] (Tiny Software Inc.) [Auto | Running] -- C:\Program Files\Common Files\PFShared\UmxPol.exe -- (UmxPol)
SRV - [2001/11/23 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - [2010/06/11 16:48:04 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/02 19:28:00 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/03/02 19:28:00 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/21 12:11:00 | 000,137,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009/11/24 18:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 18:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 18:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 18:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 18:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 18:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/09/27 17:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/01 13:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 13:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/06/15 04:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/02/26 20:15:21 | 000,061,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/05/12 16:41:56 | 000,097,792 | ---- | M] (Tiny Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2005/05/11 14:07:30 | 000,015,872 | ---- | M] (Tiny Software Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxBiG.sys -- (KmxBiG)
DRV - [2005/05/11 14:03:22 | 000,053,248 | ---- | M] (Tiny Software Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2005/05/11 13:57:12 | 000,044,544 | ---- | M] (Tiny Software Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2005/05/11 13:52:44 | 000,065,536 | ---- | M] (Tiny Software Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2005/05/05 17:40:34 | 000,083,968 | ---- | M] (Tiny Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kmxndis.sys -- (KmxNdis)
DRV - [2005/05/03 23:11:40 | 000,064,640 | ---- | M] (Tiny Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2005/01/10 12:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 12:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/10/13 20:02:50 | 000,005,036 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Samhid.sys -- (samhid)
DRV - [2004/08/19 09:21:00 | 000,189,568 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/08/04 01:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/04 01:07:55 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2003/07/24 03:16:48 | 000,022,821 | ---- | M] (Belkin Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcgame.sys -- (bcgame)
DRV - [2002/12/10 18:53:24 | 000,236,121 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2002/12/10 18:51:40 | 000,012,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000/07/24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-746137067-682003330-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-746137067-682003330-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-682003330-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "iPhone OS 3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2436531&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-msgr"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-msgr"
FF - prefs.js..browser.search.selectedEngine: "iPhone OS 3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.16
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.20
FF - prefs.js..extensions.enabledItems: {74714d77-1695-4e73-a98e-25cb374f46b4}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: {55ce2530-61df-4ddc-b287-feae64e70575}:0.7
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.5.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.6.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2436531&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/11/24 20:17:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/01/30 11:28:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/30 23:13:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/05 18:28:23 | 000,000,000 | ---D | M]

[2008/10/01 23:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Extensions
[2010/06/16 16:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions
[2010/01/17 12:30:26 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/09/20 20:35:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/17 12:30:25 | 000,000,000 | ---D | M] (RefreshBlocker) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{55ce2530-61df-4ddc-b287-feae64e70575}
[2010/04/24 07:49:55 | 000,000,000 | ---D | M] (iPhone OS 3 Toolbar) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{74714d77-1695-4e73-a98e-25cb374f46b4}
[2010/02/16 20:10:18 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/01/17 12:30:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/09 12:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\moveplayer@movenetworks.com
[2009/08/28 15:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\undoclosedtabsbutton@supernova00.biz
[2009/03/22 21:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\wordlearner@wordlearner.com
[2010/04/21 12:07:24 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\searchplugins\conduit.xml
[2010/06/16 18:31:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/29 20:07:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/29 20:07:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2002/08/29 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\S-1-5-19..\Run: [meperebavu] C:\WINDOWS\System32\nitokima.DLL File not found
O4 - HKU\S-1-5-20..\Run: [meperebavu] C:\WINDOWS\System32\nitokima.DLL File not found
O4 - HKU\S-1-5-21-746137067-682003330-839522115-1003..\Run: [AMonitor] C:\Program Files\Tiny Firewall\amon.exe (Tiny Software, Inc.)
O4 - Startup: C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-682003330-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1238350673968 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (Tiny Software Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (Tiny Software Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/01 01:02:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/11/05 13:09:12 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/09/30 17:51:08 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Loadout Manager.lnk - C:\Program Files\Belkin\Nostromo\nost_LM.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe - (Logitech)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: CurseClient - hkey= - key= - C:\Program Files\Curse\CurseClient.exe File not found
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe File not found
MsConfig - StartUpReg: igndlm.exe - hkey= - key= - C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LDM - hkey= - key= - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
MsConfig - StartUpReg: LogitechGalleryRepair - hkey= - key= - C:\Program Files\Logitech\ImageStudio\ISStart.exe (Logitech Inc.)
MsConfig - StartUpReg: LogitechImageStudioTray - hkey= - key= - C:\Program Files\Logitech\ImageStudio\LogiTray.exe (Logitech Inc.)
MsConfig - StartUpReg: LVCOMS - hkey= - key= - C:\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe (Logitech Inc.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NCsoft Launcher - hkey= - key= - C:\program files\ncsoft\launcher\NCLauncher.exe (NCSoft)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: PC Suite Tray - hkey= - key= - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
MsConfig - StartUpReg: PlayNC Launcher - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
MsConfig - StartUpReg: XboxStat - hkey= - key= - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mxmc - C:\WINDOWS\System32\MimicICM.dll ()
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17465003472846848)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/20 01:11:51 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Corey Malone\Desktop\OTL.exe
[2010/06/19 07:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/19 07:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/19 07:53:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/06/12 09:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Tiny Firewall
[2010/06/12 09:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PFShared
[2010/06/12 09:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/06/11 19:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/06/05 17:38:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Michael's Files
[2010/05/25 22:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Iphone
[2010/05/23 18:21:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Hawg Holler 2010
[2010/05/01 16:45:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Rev theory
[2010/05/01 08:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/05/01 08:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/04/30 23:12:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/29 20:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/29 12:54:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\WTT Files
[2010/04/25 21:56:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Corey Malone\Recent
[2010/04/25 21:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Unknown
[2010/04/25 21:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Softball
[2010/04/25 21:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Ipod
[2010/04/25 21:46:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Virus Tools
[2010/04/25 21:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\BORDERLANDS
[2010/04/25 21:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\WOW
[2010/04/25 21:42:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/04/25 21:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/04/25 21:39:50 | 000,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Corey Malone\Desktop\SysRestorePoint.exe
[2010/04/25 21:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/24 09:07:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/04/24 09:07:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/24 09:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/04/24 09:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Application Data\Sun
[2010/04/09 19:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Mustang Edit
[2010/04/09 19:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\My Documents\My PSP8 Files
[2010/04/09 19:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Application Data\Jasc Software Inc
[2010/04/09 19:00:23 | 000,000,000 | ---D | C] -- C:\Program Files\Jasc Software Inc
[2010/04/09 18:59:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Paintshop Pro
[2010/04/09 18:29:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Mustang Bad
[2010/04/09 18:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Me Bike
[2010/04/09 18:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Mustang Orig
[2010/04/04 08:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Back rest
[2010/04/04 07:49:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\My Documents\Flickr
[2010/03/27 07:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta
[2010/03/27 07:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\My Documents\StarCraft II Beta
[2010/03/26 17:58:21 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II Beta enUS 13891 Installer
[2002/04/11 03:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

========== Files - Modified Within 90 Days ==========

[2010/06/20 01:11:51 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Corey Malone\Desktop\OTL.exe
[2010/06/20 01:06:22 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\HiJackThis.lnk
[2010/06/20 00:23:57 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\Corey Malone\NTUSER.DAT
[2010/06/19 20:05:34 | 000,248,910 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/06/19 20:05:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/19 20:04:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/19 20:04:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/19 20:03:38 | 000,022,838 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k
[2010/06/19 08:01:47 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/19 07:58:46 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/19 07:49:08 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/06/19 07:11:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/16 18:58:59 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/06/15 10:20:51 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\Curse Client.appref-ms
[2010/06/12 09:57:16 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\probtp51.cnt
[2010/06/12 09:55:24 | 000,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/12 09:55:24 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/12 09:55:24 | 000,000,224 | RHS- | M] () -- C:\boot.ini
[2010/06/05 22:48:12 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 18:28:23 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/06/04 19:07:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Corey Malone\ntuser.ini
[2010/06/04 15:49:25 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\Knight F Mohawk.doc
[2010/06/04 15:39:55 | 000,000,059 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[2010/05/27 17:15:44 | 000,047,754 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_Core________________.zip
[2010/05/27 17:15:35 | 000,069,645 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_MailMod_________.zip
[2010/05/07 15:47:40 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/04/30 23:20:10 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/04/30 23:07:33 | 019,807,301 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\_IMG_004.mov
[2010/04/30 21:43:40 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/25 21:42:17 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/04/25 21:42:10 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\ERUNT.lnk
[2010/04/25 21:39:50 | 000,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Corey Malone\Desktop\SysRestorePoint.exe
[2010/04/11 20:07:33 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Jasc Paint Shop Pro 8.lnk
[2010/04/09 18:51:07 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\Accounts And Pass.xls
[2010/04/01 16:05:14 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/27 07:58:47 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II Beta.lnk

========== Files Created - No Company Name ==========

[2010/06/19 08:01:47 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/19 07:58:46 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/12 12:50:48 | 000,022,838 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k
[2010/06/12 09:57:16 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\probtp51.cnt
[2010/06/04 15:49:24 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\Knight F Mohawk.doc
[2010/05/27 17:15:44 | 000,047,754 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_Core________________.zip
[2010/05/27 17:15:34 | 000,069,645 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_MailMod_________.zip
[2010/05/25 22:17:06 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/07 15:47:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/05/01 08:12:57 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/04/30 23:07:21 | 019,807,301 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\_IMG_004.mov
[2010/04/25 21:42:17 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/04/25 21:42:10 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\ERUNT.lnk
[2010/04/25 21:26:08 | 000,002,461 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\HiJackThis.lnk
[2010/04/09 19:01:44 | 000,002,519 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Jasc Paint Shop Pro 8.lnk
[2010/04/02 09:41:41 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\Accounts And Pass.xls
[2010/03/27 08:16:32 | 000,383,168 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/03/27 07:55:12 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StarCraft II Beta.lnk
[2010/01/28 17:38:23 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/01/28 17:34:24 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2010/01/28 17:34:24 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\BRVPDNTA.DLL
[2010/01/28 17:34:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2010/01/28 17:34:23 | 000,011,568 | ---- | C] () -- C:\WINDOWS\HL-1440.INI
[2010/01/28 17:34:23 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2010/01/28 17:18:00 | 000,000,059 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010/01/28 17:18:00 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_1440.ini
[2010/01/28 17:18:00 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Brwmark.ini
[2010/01/28 17:18:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brohl144.ini
[2010/01/28 17:17:27 | 000,000,312 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2010/01/28 17:17:27 | 000,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2010/01/28 17:17:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\brpp2ka.ini
[2010/01/28 17:17:27 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/12/11 23:31:28 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Ffpage.dll
[2009/12/11 23:31:28 | 000,005,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\Samhid.sys
[2009/12/06 21:32:10 | 000,000,707 | ---- | C] () -- C:\WINDOWS\client.config.ini
[2009/06/21 09:09:51 | 000,137,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/03/29 13:24:43 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/02/28 19:48:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/16 16:07:34 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2008/10/16 16:07:15 | 000,011,653 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/10/16 16:06:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/01 21:19:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/02/17 13:22:26 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\ACPC.dll
[2005/05/03 13:38:42 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003/10/02 12:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010/01/28 18:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/11/13 23:50:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funcom
[2009/11/24 20:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/10/18 07:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/01/30 11:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010/01/30 11:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/01/11 23:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/05/01 08:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/01 21:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/14 15:23:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Corey Malone\Application Data\.#
[2009/12/06 10:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\FOG Downloader
[2008/10/16 16:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\FotoWire
[2009/03/21 08:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Leadertech
[2009/09/11 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010/01/30 11:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Nokia
[2010/01/30 11:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Nokia Ovi Suite
[2009/10/18 07:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\PC Suite

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/03/29 14:23:18 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/03/29 14:23:18 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004/08/04 01:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002/08/29 07:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2009/03/29 14:23:18 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/03/29 14:23:18 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002/08/29 07:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/04 00:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/04 02:56:42 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
[2002/08/29 07:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2002/08/29 07:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004/08/04 02:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2008/08/18 20:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=37954CD1D0AFC11BECD149F7C3EC88C2 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvgts.sys
[2008/08/18 20:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sata_ide\nvgts.sys

< MD5 for: NVRD32.SYS >
[2008/08/18 20:54:00 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=BEF704AA9E17D176A46DDF77C6A52194 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004/08/04 02:56:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2002/08/29 07:00:00 | 000,174,592 | ---- | M] (Microsoft Corporation) MD5=97418A5C642A5C748A28BD7CF6860B57 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< %systemroot%\*. /mp /s >
< End of report >

Edited by Bluabnshee, 20 June 2010 - 02:12 AM.


#4 Bluabnshee

Bluabnshee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:04:54 AM

Posted 20 June 2010 - 01:28 AM

OTL Extras Log:


OTL Extras logfile created on: 6/20/2010 1:13:15 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Corey Malone\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 113.00 Gb Free Space | 37.91% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
Drive F: | 149.01 Gb Total Space | 126.75 Gb Free Space | 85.06% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SOUTHERN-T9IVW0
Current User Name: Corey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-746137067-682003330-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8370:TCP" = 8370:TCP:*:Enabled:League of Legends Launcher
"8370:UDP" = 8370:UDP:*:Enabled:League of Legends Launcher
"8372:TCP" = 8372:TCP:*:Enabled:League of Legends Launcher
"8372:UDP" = 8372:UDP:*:Enabled:League of Legends Launcher
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:CurseClient -- File not found
"C:\Program Files\Atari\ArmA Demo\ArmADemo.exe" = C:\Program Files\Atari\ArmA Demo\ArmADemo.exe:*:Enabled:ArmA Demo -- (Bohemia Interactive)
"C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()
"C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"C:\Program Files\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe" = C:\Program Files\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe:*:Enabled:America's Army 3 -- ()
"C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Program Files\StarCraft II Beta\StarCraft II.exe" = C:\Program Files\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\StarCraft II Beta\Versions\Base14593\SC2.exe" = C:\Program Files\StarCraft II Beta\Versions\Base14593\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment)
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\Corey Malone\Local Settings\Apps\2.0\19XN19EG.KPC\7TAPVRE7.J96\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe" = C:\Documents and Settings\Corey Malone\Local Settings\Apps\2.0\19XN19EG.KPC\7TAPVRE7.J96\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05637CBD-DC52-4B56-83BB-B621BEC17C5E}" = Tiny Desktop Firewall 2005
"{0C28E0CC-223E-4F45-B97F-3AEBDE2CBF30}" = Delta Force Black Hawk Down Team Sabre
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0F3A1C5A-DA6A-4536-A058-CBB857CAC20C}" = Nostromo Array Programming Software
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{254AA551-D855-41A7-9E19-6DBB50D1EB03}" = Delta Force 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A539C9F-1F8F-4746-BCA6-217B06440EF0}" = Delta Force Land Warrior
"{307C42FF-4C61-4F7A-B872-6756B236285A}" = Delta Force Task Force Dagger
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}" = PC Connectivity Solution
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{564B16F4-6B5B-47B0-9AB6-FF2E943947F7}" = Nokia Ovi Suite Software Updater
"{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}" = Logitech ImageStudio
"{66F0AC35-4805-44BC-A3D4-347D4196F9B3}" = Microsoft Xbox 360 Accessories 1.1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{74D0A269-49C8-4EFA-AB53-BD4A80251906}" = Aion
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7F815C5F-D2A4-4173-B7C0-55A9D6F87E38}" = MobileMe Control Panel
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D100E0C-1A5A-43AD-93EF-76F94AE61C30}" = OviMPlatform
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{948BE614-F37B-4A73-AD43-0245F23C110D}" = Logitech GamePanel Software 2.00
"{961C4925-5B53-4127-969D-1CACF2426C05}" = Delta Force: Xtreme
"{984F10FD-11FD-4BED-8163-92DB81E6A825}" = Logitech IM Video Companion
"{99A4F599-7227-40DB-9CFA-147EB029F504}" = Delta Force
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}" = Nokia Ovi Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C22E50B4-B9D0-4a07-B1F3-12362514FEA7}" = The Sims™ 2 Double Deluxe
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{E760F3F6-426D-48EC-8CDB-D7559C575A7A}" = Delta Force Black Hawk Down
"{F1C3541D-5B93-4131-B440-692FBA3DD250}" = Ovi Desktop Sync Engine
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Conan_is1" = Age of Conan - Hyborian Adventures
"ArmA Demo" = ArmA Demo Uninstall
"avast!" = avast! Antivirus
"Brother 1440" = Brother 1440
"BROWNIE" = Brownie
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Download Manager" = Download Manager 2.3.9
"EA Download Manager" = EA Download Manager
"ERUNT_is1" = ERUNT 1.1j
"Free iPod Video Converter_is1" = Free iPod Video Converter 1.34
"Guild Wars" = Guild Wars
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"NYKO AirFlo Controller v0.1" = NYKO AirFlo Controller v0.1
"OpenAL" = OpenAL
"ProcessScanner_is1" = Uniblue ProcessScanner
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer 7 Basic
"StarCraft II Beta" = StarCraft II Beta
"Steam App 13140" = America's Army 3
"Steam App 550" = Left 4 Dead 2
"SystemRequirementsLab" = System Requirements Lab
"Warhammer Online - Age of Reckoning" = Warhammer Online - Age of Reckoning
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-682003330-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"NCsoft-GuildWars" = Guild Wars

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/8/2009 10:35:18 AM | Computer Name = SOUTHERN-T9IVW0 | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://w186.slashkey.com/facebook/farm/aja...ig_locale=en_US
failed, 0000A413.

[ Application Events ]
Error - 6/1/2010 1:55:06 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 236: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/1/2010 1:55:06 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 396: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/1/2010 1:55:06 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/1/2010 1:55:06 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/1/2010 1:55:06 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 432: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/1/2010 1:55:06 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 420: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/6/2010 10:43:03 AM | Computer Name = SOUTHERN-T9IVW0 | Source = Application Error | ID = 1000
Description = Faulting application lcdmedia.exe, version 2.0.171.0, faulting module
lcdmedia.exe, version 2.0.171.0, fault address 0x000151c0.

Error - 6/10/2010 8:22:27 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Bonjour Service | ID = 100
Description = 420: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 6/12/2010 8:55:21 AM | Computer Name = SOUTHERN-T9IVW0 | Source = nview_info | ID = 11141121
Description =

Error - 6/12/2010 1:50:14 PM | Computer Name = SOUTHERN-T9IVW0 | Source = nview_info | ID = 11141121
Description =

[ System Events ]
Error - 4/29/2010 8:01:17 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7034
Description = The BrSplService service terminated unexpectedly. It has done this
1 time(s).

Error - 4/29/2010 8:01:17 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 4/29/2010 8:01:17 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/29/2010 8:01:17 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/29/2010 8:01:17 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1
time(s).

Error - 4/29/2010 8:01:17 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7034
Description = The PnkBstrB service terminated unexpectedly. It has done this 1
time(s).

Error - 5/1/2010 9:18:48 AM | Computer Name = SOUTHERN-T9IVW0 | Source = DCOM | ID = 10010
Description = The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register
with DCOM within the required timeout.

Error - 5/1/2010 9:21:17 AM | Computer Name = SOUTHERN-T9IVW0 | Source = DCOM | ID = 10010
Description = The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register
with DCOM within the required timeout.

Error - 6/11/2010 5:48:07 PM | Computer Name = SOUTHERN-T9IVW0 | Source = Service Control Manager | ID = 7000
Description = The SASDIFSV service failed to start due to the following error: %%183

Error - 6/19/2010 8:56:36 AM | Computer Name = SOUTHERN-T9IVW0 | Source = DCOM | ID = 10010
Description = The server {DC0C2640-1415-4644-875C-6F4D769839BA} did not register
with DCOM within the required timeout.


< End of report >

Edited by Bluabnshee, 20 June 2010 - 02:13 AM.


#5 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  • Gender:Male
  • Local time:05:54 AM

Posted 20 June 2010 - 06:15 AM

Please don't forget the GMER log...always good to look for rootkits that won't show in the other logs.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#6 Bluabnshee

Bluabnshee
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:04:54 AM

Posted 20 June 2010 - 08:50 AM

Part 1, and sorry, I fell asleep waiting on it to finish. Here it is in two posts. Thanks


GMER LOG

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-20 08:43:40
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\COREYM~1\LOCALS~1\Temp\afacrpod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB4C756B8]
SSDT \SystemRoot\System32\DRIVERS\KmxSbx.sys (TF registry and spawning guard driver/Tiny Software Inc.) ZwCreateKey [0xB47E2F90]
SSDT \SystemRoot\System32\DRIVERS\kmxagent.sys (TF Agent driver/Tiny Software Inc.) ZwCreateSection [0xB4FACFD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB4C75A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB4C7514C]
SSDT \SystemRoot\System32\DRIVERS\KmxSbx.sys (TF registry and spawning guard driver/Tiny Software Inc.) ZwOpenKey [0xB47E2F40]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB4C7508C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB4C750F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB4C7576E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB4C7572E]
SSDT \SystemRoot\System32\DRIVERS\kmxagent.sys (TF Agent driver/Tiny Software Inc.) ZwSetInformationProcess [0xB4FAC040]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB4C758AE]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB4D32620]

---- Kernel code sections - GMER 1.0.15 ----

PAGENPNP NDIS.sys!NdisRegisterProtocol B7DFD17D 5 Bytes JMP B7DC5410 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisOpenAdapter B7DFD397 5 Bytes JMP B7DC5C90 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisClOpenAddressFamily B7DFE127 5 Bytes JMP B7DC3D40 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisCmRegisterAddressFamily B7DFE672 5 Bytes JMP B7DC3DF0 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisMSetAttributesEx B7E00A6F 5 Bytes JMP B7DC57B0 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisMCmRegisterAddressFamily B7E01220 5 Bytes JMP B7DC3EA0 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisInitializeWrapper B7E022BF 5 Bytes JMP B7DC5350 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisMRegisterMiniport B7E023D5 5 Bytes JMP B7DC6730 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisIMRegisterLayeredMiniport B7E02A8D 5 Bytes JMP B7DC6800 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisIMAssociateMiniport B7E02AD3 5 Bytes JMP B7DC56F0 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisCloseAdapter B7E0761E 5 Bytes JMP B7DC5230 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENPNP NDIS.sys!NdisTerminateWrapper B7E078C8 5 Bytes JMP B7DC63E0 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
PAGENDCO NDIS.sys!NdisMCoSendComplete B7E15234 5 Bytes JMP B7DC41D0 kmxndis.sys (TPF: NDIS hooking engine/Tiny Software, Inc.)
.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xB72E3360, 0x3E57A5, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!AdjustTokenPrivileges 77DDEE4C 5 Bytes JMP 5FF2806C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!SetKernelObjectSecurity 77DE451F 5 Bytes JMP 5FF283C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!QueryServiceStatus 77DE5C58 7 Bytes JMP 5FF26C70 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!OpenSCManagerW 77DE5E5D 7 Bytes JMP 5FF26390 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!OpenServiceW 77DE5F05 7 Bytes JMP 5FF26800 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!QueryServiceConfigW 77DE6F1F 7 Bytes JMP 5FF270E0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!SetFileSecurityW 77DEA589 5 Bytes JMP 5FF282A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!OpenSCManagerA 77DED705 7 Bytes JMP 5FF26274 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!EnumServicesStatusA 77DED89F 7 Bytes JMP 5FF27ADC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!ControlService 77DEE055 7 Bytes JMP 5FF26EA8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!OpenServiceA 77DEE2AE 7 Bytes JMP 5FF266E4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!StartServiceW 77DEE5A4 7 Bytes JMP 5FF26B54 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!SetSecurityInfo 77DEFC27 5 Bytes JMP 5FF285F8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!SetNamedSecurityInfoW 77DF062D 5 Bytes JMP 5FF28830 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!QueryServiceStatusEx 77DF0E4A 7 Bytes JMP 5FF26D8C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!StartServiceA 77DF25D8 7 Bytes JMP 5FF26A38 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!QueryServiceConfigA 77DF4D5A 7 Bytes JMP 5FF26FC4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!CreateProcessAsUserW 77DF6285 5 Bytes JMP 5FF28B84 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!AbortSystemShutdownW 77DFD40B 5 Bytes JMP 5FF2A1B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!CreateProcessAsUserA 77E109B0 5 Bytes JMP 5FF28A68 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!CreateProcessWithLogonW 77E15CFD 5 Bytes JMP 5FF28CA0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\iTunes\iTunesHelper.exe[340] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\svchost.exe[392] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\svchost.exe[392] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\svchost.exe[392] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\svchost.exe[392] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\svchost.exe[392] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\svchost.exe[392] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brsvc01a.exe[440] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brsvc01a.exe[440] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brsvc01a.exe[440] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brsvc01a.exe[440] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brsvc01a.exe[440] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brsvc01a.exe[440] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brss01a.exe[464] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brss01a.exe[464] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brss01a.exe[464] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brss01a.exe[464] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brss01a.exe[464] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\brss01a.exe[464] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\spoolsv.exe[472] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\spoolsv.exe[472] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\spoolsv.exe[472] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\spoolsv.exe[472] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\spoolsv.exe[472] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\spoolsv.exe[472] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxCfg.exe[536] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxCfg.exe[536] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxCfg.exe[536] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxCfg.exe[536] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxCfg.exe[536] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxCfg.exe[536] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxFwHlp.exe[556] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxFwHlp.exe[556] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxFwHlp.exe[556] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxFwHlp.exe[556] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxFwHlp.exe[556] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxFwHlp.exe[556] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxPol.exe[620] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxPol.exe[620] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxPol.exe[620] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxPol.exe[620] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxPol.exe[620] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\PFShared\UmxPol.exe[620] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxAgent.exe[660] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxAgent.exe[660] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxAgent.exe[660] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxAgent.exe[660] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxAgent.exe[660] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxAgent.exe[660] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxTray.exe[700] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxTray.exe[700] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxTray.exe[700] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxTray.exe[700] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxTray.exe[700] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Tiny Firewall\UmxTray.exe[700] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\winlogon.exe[880] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\winlogon.exe[880] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\winlogon.exe[880] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\winlogon.exe[880] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\winlogon.exe[880] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\winlogon.exe[880] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[908] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[908] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[908] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[908] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[908] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[908] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\services.exe[932] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\services.exe[932] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\services.exe[932] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\services.exe[932] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\services.exe[932] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\services.exe[932] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\lsass.exe[948] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\lsass.exe[948] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\lsass.exe[948] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\lsass.exe[948] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\lsass.exe[948] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\lsass.exe[948] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\nvsvc32.exe[1132] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\nvsvc32.exe[1132] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\nvsvc32.exe[1132] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\nvsvc32.exe[1132] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\nvsvc32.exe[1132] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\nvsvc32.exe[1132] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1180] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1180] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1180] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1180] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1180] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1180] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1272] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1272] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1272] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1272] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1272] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\svchost.exe[1272] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\Explorer.EXE[2320] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\alg.exe[2636] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\alg.exe[2636] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\alg.exe[2636] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\alg.exe[2636] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\alg.exe[2636] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\System32\alg.exe[2636] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\System32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!AdjustTokenPrivileges 77DDEE4C 5 Bytes JMP 5FF2806C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!SetKernelObjectSecurity 77DE451F 5 Bytes JMP 5FF283C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!QueryServiceStatus 77DE5C58 7 Bytes JMP 5FF26C70 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!OpenSCManagerW 77DE5E5D 7 Bytes JMP 5FF26390 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!OpenServiceW 77DE5F05 7 Bytes JMP 5FF26800 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!QueryServiceConfigW 77DE6F1F 7 Bytes JMP 5FF270E0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!SetFileSecurityW 77DEA589 5 Bytes JMP 5FF282A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!OpenSCManagerA 77DED705 7 Bytes JMP 5FF26274 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!EnumServicesStatusA 77DED89F 7 Bytes JMP 5FF27ADC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!ControlService 77DEE055 7 Bytes JMP 5FF26EA8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!OpenServiceA 77DEE2AE 7 Bytes JMP 5FF266E4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!StartServiceW 77DEE5A4 7 Bytes JMP 5FF26B54 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!SetSecurityInfo 77DEFC27 5 Bytes JMP 5FF285F8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!SetNamedSecurityInfoW 77DF062D 5 Bytes JMP 5FF28830 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!QueryServiceStatusEx 77DF0E4A 7 Bytes JMP 5FF26D8C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!StartServiceA 77DF25D8 7 Bytes JMP 5FF26A38 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!QueryServiceConfigA 77DF4D5A 7 Bytes JMP 5FF26FC4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!CreateProcessAsUserW 77DF6285 5 Bytes JMP 5FF28B84 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!AbortSystemShutdownW 77DFD40B 5 Bytes JMP 5FF2A1B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!CreateProcessAsUserA 77E109B0 5 Bytes JMP 5FF28A68 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!CreateProcessWithLogonW 77E15CFD 5 Bytes JMP 5FF28CA0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2848] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe[2904] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe[2904] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe[2904] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe[2904] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)

#7 Bluabnshee

Bluabnshee
  • Topic Starter

Posted 20 June 2010 - 08:51 AM

Part2 GMER LOG

.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe[3168] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!AdjustTokenPrivileges 77DDEE4C 5 Bytes JMP 5FF2806C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!SetKernelObjectSecurity 77DE451F 5 Bytes JMP 5FF283C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!QueryServiceStatus 77DE5C58 7 Bytes JMP 5FF26C70 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!OpenSCManagerW 77DE5E5D 7 Bytes JMP 5FF26390 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!OpenServiceW 77DE5F05 7 Bytes JMP 5FF26800 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!QueryServiceConfigW 77DE6F1F 7 Bytes JMP 5FF270E0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!SetFileSecurityW 77DEA589 5 Bytes JMP 5FF282A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!OpenSCManagerA 77DED705 7 Bytes JMP 5FF26274 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!EnumServicesStatusA 77DED89F 7 Bytes JMP 5FF27ADC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!ControlService 77DEE055 7 Bytes JMP 5FF26EA8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!OpenServiceA 77DEE2AE 7 Bytes JMP 5FF266E4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!StartServiceW 77DEE5A4 7 Bytes JMP 5FF26B54 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!SetSecurityInfo 77DEFC27 5 Bytes JMP 5FF285F8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!SetNamedSecurityInfoW 77DF062D 5 Bytes JMP 5FF28830 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!QueryServiceStatusEx 77DF0E4A 7 Bytes JMP 5FF26D8C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!StartServiceA 77DF25D8 7 Bytes JMP 5FF26A38 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!QueryServiceConfigA 77DF4D5A 7 Bytes JMP 5FF26FC4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!CreateProcessAsUserW 77DF6285 5 Bytes JMP 5FF28B84 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!AbortSystemShutdownW 77DFD40B 5 Bytes JMP 5FF2A1B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!CreateProcessAsUserA 77E109B0 5 Bytes JMP 5FF28A68 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!CreateProcessWithLogonW 77E15CFD 5 Bytes JMP 5FF28CA0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe[3184] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe[3208] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!AdjustTokenPrivileges 77DDEE4C 5 Bytes JMP 5FF2806C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!SetKernelObjectSecurity 77DE451F 5 Bytes JMP 5FF283C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!QueryServiceStatus 77DE5C58 7 Bytes JMP 5FF26C70 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!OpenSCManagerW 77DE5E5D 7 Bytes JMP 5FF26390 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!OpenServiceW 77DE5F05 7 Bytes JMP 5FF26800 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!QueryServiceConfigW 77DE6F1F 7 Bytes JMP 5FF270E0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!SetFileSecurityW 77DEA589 5 Bytes JMP 5FF282A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!OpenSCManagerA 77DED705 7 Bytes JMP 5FF26274 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!EnumServicesStatusA 77DED89F 7 Bytes JMP 5FF27ADC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!ControlService 77DEE055 7 Bytes JMP 5FF26EA8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!OpenServiceA 77DEE2AE 7 Bytes JMP 5FF266E4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!StartServiceW 77DEE5A4 7 Bytes JMP 5FF26B54 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!SetSecurityInfo 77DEFC27 5 Bytes JMP 5FF285F8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!SetNamedSecurityInfoW 77DF062D 5 Bytes JMP 5FF28830 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!QueryServiceStatusEx 77DF0E4A 7 Bytes JMP 5FF26D8C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!StartServiceA 77DF25D8 7 Bytes JMP 5FF26A38 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!QueryServiceConfigA 77DF4D5A 7 Bytes JMP 5FF26FC4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!CreateProcessAsUserW 77DF6285 5 Bytes JMP 5FF28B84 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!AbortSystemShutdownW 77DFD40B 5 Bytes JMP 5FF2A1B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!CreateProcessAsUserA 77E109B0 5 Bytes JMP 5FF28A68 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!CreateProcessWithLogonW 77E15CFD 5 Bytes JMP 5FF28CA0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe[3356] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!AdjustTokenPrivileges 77DDEE4C 5 Bytes JMP 5FF2806C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!SetKernelObjectSecurity 77DE451F 5 Bytes JMP 5FF283C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!QueryServiceStatus 77DE5C58 7 Bytes JMP 5FF26C70 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!OpenSCManagerW 77DE5E5D 7 Bytes JMP 5FF26390 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!OpenServiceW 77DE5F05 7 Bytes JMP 5FF26800 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!QueryServiceConfigW 77DE6F1F 7 Bytes JMP 5FF270E0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!SetFileSecurityW 77DEA589 5 Bytes JMP 5FF282A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!OpenSCManagerA 77DED705 7 Bytes JMP 5FF26274 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!EnumServicesStatusA 77DED89F 7 Bytes JMP 5FF27ADC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!ControlService 77DEE055 7 Bytes JMP 5FF26EA8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!OpenServiceA 77DEE2AE 7 Bytes JMP 5FF266E4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!StartServiceW 77DEE5A4 7 Bytes JMP 5FF26B54 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!SetSecurityInfo 77DEFC27 5 Bytes JMP 5FF285F8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!SetNamedSecurityInfoW 77DF062D 5 Bytes JMP 5FF28830 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!QueryServiceStatusEx 77DF0E4A 7 Bytes JMP 5FF26D8C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!StartServiceA 77DF25D8 7 Bytes JMP 5FF26A38 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!QueryServiceConfigA 77DF4D5A 7 Bytes JMP 5FF26FC4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!CreateProcessAsUserW 77DF6285 5 Bytes JMP 5FF28B84 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!AbortSystemShutdownW 77DFD40B 5 Bytes JMP 5FF2A1B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!CreateProcessAsUserA 77E109B0 5 Bytes JMP 5FF28A68 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!CreateProcessWithLogonW 77E15CFD 5 Bytes JMP 5FF28CA0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3500] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!AdjustTokenPrivileges 77DDEE4C 5 Bytes JMP 5FF2806C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!SetKernelObjectSecurity 77DE451F 5 Bytes JMP 5FF283C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!QueryServiceStatus 77DE5C58 7 Bytes JMP 5FF26C70 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!OpenSCManagerW 77DE5E5D 7 Bytes JMP 5FF26390 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!OpenServiceW 77DE5F05 7 Bytes JMP 5FF26800 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!QueryServiceConfigW 77DE6F1F 7 Bytes JMP 5FF270E0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!SetFileSecurityW 77DEA589 5 Bytes JMP 5FF282A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!OpenSCManagerA 77DED705 7 Bytes JMP 5FF26274 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!EnumServicesStatusA 77DED89F 7 Bytes JMP 5FF27ADC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!ControlService 77DEE055 7 Bytes JMP 5FF26EA8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!OpenServiceA 77DEE2AE 7 Bytes JMP 5FF266E4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!StartServiceW 77DEE5A4 7 Bytes JMP 5FF26B54 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!SetSecurityInfo 77DEFC27 5 Bytes JMP 5FF285F8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!SetNamedSecurityInfoW 77DF062D 5 Bytes JMP 5FF28830 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!QueryServiceStatusEx 77DF0E4A 7 Bytes JMP 5FF26D8C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!StartServiceA 77DF25D8 7 Bytes JMP 5FF26A38 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!QueryServiceConfigA 77DF4D5A 7 Bytes JMP 5FF26FC4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!CreateProcessAsUserW 77DF6285 5 Bytes JMP 5FF28B84 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!AbortSystemShutdownW 77DFD40B 5 Bytes JMP 5FF2A1B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!CreateProcessAsUserA 77E109B0 5 Bytes JMP 5FF28A68 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!CreateProcessWithLogonW 77E15CFD 5 Bytes JMP 5FF28CA0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!InitiateSystemShutdownW 77E34B59 5 Bytes JMP 5FF29D48 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!InitiateSystemShutdownExW 77E34BED 5 Bytes JMP 5FF29F80 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!EnumServicesStatusExW 77E36863 7 Bytes JMP 5FF27E30 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!EnumServicesStatusExA 77E36AD7 7 Bytes JMP 5FF27D14 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!SetServiceObjectSecurity 77E36C29 7 Bytes JMP 5FF284DC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!ChangeServiceConfigA 77E36D11 7 Bytes JMP 5FF2766C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!ChangeServiceConfigW 77E36EA9 7 Bytes JMP 5FF27788 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!ChangeServiceConfig2A 77E36FA9 7 Bytes JMP 5FF278A4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!ChangeServiceConfig2W 77E37031 7 Bytes JMP 5FF279C0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!CreateServiceA 77E370B9 7 Bytes JMP 5FF264AC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!CreateServiceW 77E37251 7 Bytes JMP 5FF265C8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!DeleteService 77E37359 7 Bytes JMP 5FF2691C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!EnumDependentServicesA 77E373D1 7 Bytes JMP 5FF27434 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!EnumDependentServicesW 77E37489 7 Bytes JMP 5FF27550 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!QueryServiceConfig2A 77E37841 7 Bytes JMP 5FF271FC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!QueryServiceConfig2W 77E37959 7 Bytes JMP 5FF27318 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ADVAPI32.dll!EnumServicesStatusW 77E37C09 5 Bytes JMP 5FF27BF8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SetWindowsHookExW 7E42DDB5 5 Bytes JMP 5FF29580 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!PostThreadMessageW 7E42E08F 5 Bytes JMP 5FF251CC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!PostThreadMessageA 7E42E09C 5 Bytes JMP 5FF250B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendMessageA 7E42F383 5 Bytes JMP 5FF24C40 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendMessageTimeoutA 7E42FB2B 5 Bytes JMP 5FF25520 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!OpenClipboard 7E430237 5 Bytes JMP 5FF228BC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SetWindowsHookExA 7E4311D1 5 Bytes JMP 5FF29464 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendDlgItemMessageA 7E43C2AF 5 Bytes JMP 5FF25990 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SetWindowsHookA 7E43ED31 5 Bytes JMP 5FF2969C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendNotifyMessageA 7E4536E8 5 Bytes JMP 5FF25758 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!EndTask 7E459E75 5 Bytes JMP 5FF24B24 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!ExitWindowsEx 7E45A045 5 Bytes JMP 5FF2A2D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!BroadcastSystemMessageExA 7E46AC6F 5 Bytes JMP 5FF25E00 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!BroadcastSystemMessage 7E46AC96 5 Bytes JMP 5FF25BC8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] USER32.dll!SendMessageCallbackA 7E46AF01 5 Bytes JMP 5FF252E8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] SHELL32.dll!SHCreateProcessAsUserW 7CAC91AC 5 Bytes JMP 5FF28DBC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 5FF220F4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ole32.dll!CoCreateInstanceEx 774FFA6B 5 Bytes JMP 5FF2232C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 5FF22210 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ole32.dll!CoGetClassObject 77515DB2 5 Bytes JMP 5FF22448 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ole32.dll!CoGetInstanceFromFile 7754B6DC 5 Bytes JMP 5FF22564 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\Documents and Settings\Corey Malone\Desktop\Gmer\gmer.exe[3560] ole32.dll!CoGetInstanceFromIStorage 7759625D 5 Bytes JMP 5FF22680 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 5FF2922C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 5FF29348 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!LoadLibraryExW 7C801AF1 7 Bytes JMP 5FF24008 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!TerminateProcess 7C801E16 5 Bytes JMP 5FF248EC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 5FF28ED8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 5FF246B0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 5FF24594 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!VirtualAllocEx 7C809A82 7 Bytes JMP 5FF29110 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!FreeLibrary 7C80ABEE 5 Bytes JMP 5FF2435C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!GetProcAddress 7C80ADB0 5 Bytes JMP 5FF24124 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 5FF28FF4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!ExitProcess 7C81CDEA 5 Bytes JMP 5FF24240 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!TerminateThread 7C81CE13 5 Bytes JMP 5FF24A08 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!OpenThread 7C82FC1C 5 Bytes JMP 5FF298D4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] kernel32.dll!DebugActiveProcess 7C85A2B3 5 Bytes JMP 5FF299F0 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!PostMessageW 7E418CCB 5 Bytes JMP 5FF24F94 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SendMessageW 7E41B8BA 5 Bytes JMP 5FF24D5C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!PostMessageA 7E41CB85 5 Bytes JMP 5FF24E78 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SendMessageTimeoutW 7E41ED72 5 Bytes JMP 5FF2563C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SendNotifyMessageW 7E41F27A 5 Bytes JMP 5FF25874 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SendMessageCallbackW 7E41F306 5 Bytes JMP 5FF25404 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SendDlgItemMessageW 7E425292 5 Bytes JMP 5FF25AAC C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!BroadcastSystemMessageExW 7E4288EB 5 Bytes JMP 5FF25F1C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SetUserObjectSecurity 7E42B864 5 Bytes JMP 5FF2894C C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!SetWindowsHookW 7E42C1C1 5 Bytes JMP 5FF297B8 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)
.text C:\WINDOWS\system32\rundll32.exe[3624] USER32.dll!BroadcastSystemMessageW 7E42CD5D 5 Bytes JMP 5FF25CE4 C:\WINDOWS\system32\UmxSbxw.dll (User mode executive module DLL/Tiny Software Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs KmxFile.sys (TF file guard/Tiny Software Inc.)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \Driver\Tcpip \Device\Ip kmxfw.sys (TPF: core security engine/Tiny Software, Inc.)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Tcp kmxfw.sys (TPF: core security engine/Tiny Software, Inc.)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Udp kmxfw.sys (TPF: core security engine/Tiny Software, Inc.)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\RawIp kmxfw.sys (TPF: core security engine/Tiny Software, Inc.)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\IPMULTICAST kmxfw.sys (TPF: core security engine/Tiny Software, Inc.)

---- EOF - GMER 1.0.15 ----


#8 etavares

  • Malware Response Team

Posted 20 June 2010 - 09:02 AM

Hello, Bluabnshee.

I see some leftovers from an infection, but nothing seems to be active. Let's take care of what I can see, and run two quick scans.



Step 1

Download and run HAMeb_check.exe
Post the contents of the resulting log.



Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's TeaTimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



Step 3

We need to run an OTL script
  1. Please download OTL from one of the following mirrors if you do not still have it.
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Paste the following code under the Custom Scans/Fixes box at the bottom. Do not include the word "Code".
    CODE
    :files
    C:\WINDOWS\System32\probtp51.cnt
    :OTL
    O4 - HKU\S-1-5-19..\Run: [meperebavu] C:\WINDOWS\System32\nitokima.DLL File not found
    O4 - HKU\S-1-5-20..\Run: [meperebavu] C:\WINDOWS\System32\nitokima.DLL File not found
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    "DisableMonitoring" = 0
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CurseClient]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayNC Launcher]
  5. Click the Run Fix button at the top.
  6. Let the program run unhindered and reboot when it is done.
  7. You will get a log when it is done, please post that in your reply.
  8. Please then create a new OTL report....
  9. Click the "Scan All Users" checkbox.
  10. Push the button.
  11. A report will open, copy and paste it in a reply here.

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#9 Bluabnshee

  • Topic Starter

Posted 20 June 2010 - 09:35 AM

Hi, I'm curious: what type of infection did I have leftover files from? Thanks again for your help, Corey


C:\Documents and Settings\Corey\Desktop\HAMeb_check.exe
Sun 06/20/2010 at 9:11:41.67

Account active No
Local Group Memberships

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking for HelpAssistant directories ~~

none found

~~ Checking mbr ~~

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK

~~ Checking for termsrv32.dll ~~

termsrv32.dll was not found


HKEY_LOCAL_MACHINE\system\currentcontrolset\services\termservice\parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\termsrv.dll

~~ Checking firewall ports ~~

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]


~~ EOF ~~


#10 Bluabnshee

  • Topic Starter

Posted 20 June 2010 - 09:37 AM

MBAM LOG:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4217

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

6/20/2010 9:21:23 AM
mbam-log-2010-06-20 (09-21-23).txt

Scan type: Quick scan
Objects scanned: 128735
Time elapsed: 6 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL FIX File:

========== FILES ==========
C:\WINDOWS\System32\probtp51.cnt moved successfully.
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\meperebavu deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\meperebavu deleted successfully.
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\\"DisableMonitoring" | 0 /E!
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CurseClient\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayNC Launcher\ deleted successfully.

OTL by OldTimer - Version 3.2.6.0 log created on 06202010_092249

#11 Bluabnshee

  • Topic Starter

Posted 20 June 2010 - 09:39 AM

OTL Scan All Users Log:


OTL logfile created on: 6/20/2010 9:30:00 AM - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Corey\Desktop\Bleeping Help
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 73.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 112.96 Gb Free Space | 37.90% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
Drive F: | 149.01 Gb Total Space | 126.75 Gb Free Space | 85.06% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SOUTHERN-T9IVW0
Current User Name: Corey
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/20 01:11:51 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Corey\Desktop\Bleeping Help\OTL.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/24 07:49:45 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/24 18:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007/07/17 19:08:45 | 002,094,352 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2007/07/17 18:30:12 | 000,414,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
PRC - [2007/07/17 18:30:03 | 001,687,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2007/07/17 18:29:52 | 000,460,048 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
PRC - [2007/07/17 18:29:34 | 000,479,504 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
PRC - [2007/07/17 18:29:24 | 000,278,288 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/05/11 14:15:44 | 000,503,808 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Common Files\PFShared\UmxCfg.exe
PRC - [2005/05/10 16:51:58 | 000,172,032 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Tiny Firewall\UmxTray.exe
PRC - [2005/04/22 12:41:12 | 000,081,920 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Tiny Firewall\UmxFwHlp.exe
PRC - [2005/04/13 11:51:30 | 000,397,312 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Tiny Firewall\UmxAgent.exe
PRC - [2005/03/09 17:02:04 | 000,098,304 | ---- | M] (Tiny Software, Inc.) -- C:\Program Files\Common Files\PFShared\umxlu.exe
PRC - [2004/09/21 15:58:42 | 000,196,676 | ---- | M] (Tiny Software Inc.) -- C:\Program Files\Common Files\PFShared\UmxPol.exe
PRC - [2001/12/13 01:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE
PRC - [2001/11/23 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE


========== Modules (SafeList) ==========

MOD - [2010/06/20 01:11:51 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Corey\Desktop\Bleeping Help\OTL.exe
MOD - [2009/09/27 19:20:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2009/09/24 00:45:14 | 001,624,680 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/04/26 19:28:22 | 000,180,224 | ---- | M] (Tiny Software Inc.) -- C:\WINDOWS\system32\UmxSbxw.dll
MOD - [2005/04/26 19:27:52 | 000,065,536 | ---- | M] (Tiny Software Inc.) -- C:\WINDOWS\system32\UmxSbxExw.dll
MOD - [2004/08/04 01:01:17 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/10/27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005/05/11 14:15:44 | 000,503,808 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Common Files\PFShared\UmxCfg.exe -- (UmxCfg)
SRV - [2005/04/22 12:41:12 | 000,081,920 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Tiny Firewall\UmxFwHlp.exe -- (UmxFwHlp)
SRV - [2005/04/13 11:51:30 | 000,397,312 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Tiny Firewall\UmxAgent.exe -- (UmxAgent)
SRV - [2005/03/09 17:02:04 | 000,098,304 | ---- | M] (Tiny Software, Inc.) [Auto | Running] -- C:\Program Files\Common Files\PFShared\umxlu.exe -- (UmxLU)
SRV - [2004/09/21 15:58:42 | 000,196,676 | ---- | M] (Tiny Software Inc.) [Auto | Running] -- C:\Program Files\Common Files\PFShared\UmxPol.exe -- (UmxPol)
SRV - [2001/11/23 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - [2010/06/11 16:48:04 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/03/02 19:28:00 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/03/02 19:28:00 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/21 12:11:00 | 000,137,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009/11/24 18:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/24 18:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 18:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 18:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 18:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/24 18:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/09/27 17:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/01 13:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 13:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007/06/15 04:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/02/26 20:15:21 | 000,061,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21)
DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2006/07/01 23:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/05/12 16:41:56 | 000,097,792 | ---- | M] (Tiny Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2005/05/11 14:07:30 | 000,015,872 | ---- | M] (Tiny Software Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxBiG.sys -- (KmxBiG)
DRV - [2005/05/11 14:03:22 | 000,053,248 | ---- | M] (Tiny Software Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2005/05/11 13:57:12 | 000,044,544 | ---- | M] (Tiny Software Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2005/05/11 13:52:44 | 000,065,536 | ---- | M] (Tiny Software Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2005/05/05 17:40:34 | 000,083,968 | ---- | M] (Tiny Software, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kmxndis.sys -- (KmxNdis)
DRV - [2005/05/03 23:11:40 | 000,064,640 | ---- | M] (Tiny Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2005/01/10 12:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 12:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/10/13 20:02:50 | 000,005,036 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Samhid.sys -- (samhid)
DRV - [2004/08/19 09:21:00 | 000,189,568 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/08/04 01:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/04 01:07:55 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2003/07/24 03:16:48 | 000,022,821 | ---- | M] (Belkin Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcgame.sys -- (bcgame)
DRV - [2002/12/10 18:53:24 | 000,236,121 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2002/12/10 18:51:40 | 000,012,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000/07/24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-746137067-682003330-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-746137067-682003330-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-682003330-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "iPhone OS 3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2436531&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-msgr"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-msgr"
FF - prefs.js..browser.search.selectedEngine: "iPhone OS 3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.16
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.20
FF - prefs.js..extensions.enabledItems: {74714d77-1695-4e73-a98e-25cb374f46b4}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: {55ce2530-61df-4ddc-b287-feae64e70575}:0.7
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.5.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.6.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2436531&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/11/24 20:17:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/01/30 11:28:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/30 23:13:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/05 18:28:23 | 000,000,000 | ---D | M]

[2008/10/01 23:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Extensions
[2010/06/16 16:12:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions
[2010/01/17 12:30:26 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/09/20 20:35:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/17 12:30:25 | 000,000,000 | ---D | M] (RefreshBlocker) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{55ce2530-61df-4ddc-b287-feae64e70575}
[2010/04/24 07:49:55 | 000,000,000 | ---D | M] (iPhone OS 3 Toolbar) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{74714d77-1695-4e73-a98e-25cb374f46b4}
[2010/02/16 20:10:18 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/01/17 12:30:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/02/09 12:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\moveplayer@movenetworks.com
[2009/08/28 15:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\undoclosedtabsbutton@supernova00.biz
[2009/03/22 21:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\extensions\wordlearner@wordlearner.com
[2010/04/21 12:07:24 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Profiles\pb1x8v89.default\searchplugins\conduit.xml
[2010/06/16 18:31:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/29 20:07:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/29 20:07:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2002/08/29 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Documents and Settings\Corey Malone\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-682003330-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1238350673968 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (Tiny Software Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (Tiny Software Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Corey Malone\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/01 01:02:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/11/05 13:09:12 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/20 09:22:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/20 01:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Bleeping Help
[2010/06/19 07:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/19 07:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/19 07:53:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/06/12 09:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Tiny Firewall
[2010/06/12 09:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PFShared
[2010/06/12 09:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/06/11 19:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/06/05 17:38:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Michael's Files
[2010/05/25 22:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Iphone
[2010/05/23 18:21:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Corey Malone\Desktop\Hawg Holler 2010
[2002/04/11 03:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll

========== Files - Modified Within 30 Days ==========

[2010/06/20 09:28:24 | 000,248,910 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/06/20 09:28:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/20 09:27:24 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\probtp51.cnt
[2010/06/20 09:27:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/20 09:27:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/20 09:26:12 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\Corey Malone\NTUSER.DAT
[2010/06/20 09:26:12 | 000,022,838 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k
[2010/06/20 09:25:31 | 000,000,487 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/20 09:25:31 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/20 09:25:31 | 000,000,224 | RHS- | M] () -- C:\boot.ini
[2010/06/20 09:11:16 | 000,485,896 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\HAMeb_check.exe
[2010/06/20 01:30:50 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Corey Malone\defogger_reenable
[2010/06/20 01:06:22 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\HiJackThis.lnk
[2010/06/19 08:01:47 | 000,000,629 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/19 07:58:46 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/19 07:49:08 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/06/19 07:11:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/16 18:58:59 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/06/15 10:20:51 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\Curse Client.appref-ms
[2010/06/05 22:48:12 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/05 18:28:23 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/06/04 19:07:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Corey Malone\ntuser.ini
[2010/06/04 15:49:25 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\Knight F Mohawk.doc
[2010/06/04 15:39:55 | 000,000,059 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[2010/05/27 17:15:44 | 000,047,754 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_Core________________.zip
[2010/05/27 17:15:35 | 000,069,645 | ---- | M] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_MailMod_________.zip

========== Files Created - No Company Name ==========

[2010/06/20 09:27:24 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\probtp51.cnt
[2010/06/20 09:11:16 | 000,485,896 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\HAMeb_check.exe
[2010/06/20 01:30:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Corey Malone\defogger_reenable
[2010/06/19 08:01:47 | 000,000,629 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/19 07:58:46 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/06/12 12:50:48 | 000,022,838 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k
[2010/06/04 15:49:24 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\Knight F Mohawk.doc
[2010/05/27 17:15:44 | 000,047,754 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_Core________________.zip
[2010/05/27 17:15:34 | 000,069,645 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Desktop\CT_MailMod_________.zip
[2010/05/25 22:17:06 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Corey Malone\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/28 17:38:23 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/01/28 17:34:24 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2010/01/28 17:34:24 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\BRVPDNTA.DLL
[2010/01/28 17:34:24 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2010/01/28 17:34:23 | 000,011,568 | ---- | C] () -- C:\WINDOWS\HL-1440.INI
[2010/01/28 17:34:23 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2010/01/28 17:18:00 | 000,000,059 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010/01/28 17:18:00 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_1440.ini
[2010/01/28 17:18:00 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Brwmark.ini
[2010/01/28 17:18:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brohl144.ini
[2010/01/28 17:17:27 | 000,000,312 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2010/01/28 17:17:27 | 000,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2010/01/28 17:17:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\brpp2ka.ini
[2010/01/28 17:17:27 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/12/11 23:31:28 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\Ffpage.dll
[2009/12/11 23:31:28 | 000,005,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\Samhid.sys
[2009/12/06 21:32:10 | 000,000,707 | ---- | C] () -- C:\WINDOWS\client.config.ini
[2009/06/21 09:09:51 | 000,137,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/03/29 13:24:43 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/02/28 19:48:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/16 16:07:34 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2008/10/16 16:07:15 | 000,011,653 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/10/16 16:06:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/01 21:19:13 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/02/17 13:22:26 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\ACPC.dll
[2005/05/03 13:38:42 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003/10/02 12:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
< End of report >


#12 etavares

Posted 20 June 2010 - 10:17 AM

Hello, Bluabnshee.

It appeared to be a Vundo infection. There was evidence of it in this log you had worked at WTT back in April, although it disappeared after the first log.
http://forums.whatthetech.com/ResolvedWOW_...655#entry649655

You appear to be clean, but we can run an online scan if you want to be sure. If not, I can wrap up this thread. Please let me know how you want to proceed.



You also have XP SP2 installed, and the current is SP3. I recommend you upgrade, although back up first as this is a major upgrade.

Edited by etavares, 20 June 2010 - 10:18 AM.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 


#13 Bluabnshee

Posted 20 June 2010 - 11:02 AM

Thanks so much for your help Etavares........ I will run an online scan later and if you want you can go ahead and wrap up the post. I know it sounds silly but I purposely have not updated to SP3 and I have a few reasons for not doing it, but the main is this is my gaming unit and I tried the update a little while back and ended up having to reinstall Windows because of a few incompatible issues with the video card. I really appreciate your time and if you see nothing else I can take it from here. I just don't understand how they got my account without a key-logger unless this is an internal problem with Blizzard employees but if it is they will never admit it....lol

You have a great day, Corey

#14 etavares

Posted 20 June 2010 - 12:12 PM

Hello, Bluabnshee.
No problem. Here's a free virus scan that's decent. If you post the log, I can take a look and see if we need to root anything else out.

I'd like us to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push

etavares




#15 Bluabnshee

Posted 21 June 2010 - 08:49 PM

etavares I got real busy but I'm running the scan tonight and should have the report on here later tonight or in the morning......... Thanks



