Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Dreaded Happili


  • Please log in to reply
27 replies to this topic

#1 Cian13th

Cian13th

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 09 April 2012 - 11:49 PM

I was infected with a happili virus a week ago. I wasn't aware how horrible this was until it just kept spamming my google searches. Now I'm super annoyed and I want to know how to remove the virus. I read up on it and it seems that it's different for each individual since this virus can infect anything in your registry and stay hidden. So how do I remove it?

BC AdBot (Login to Remove)

 


#2 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 01:52 AM

My PC seems to have started getting slower. I have no idea if it's directly connected to Happili virus or not. I've scanned with malware-antibtes and no malware was detected. Still need help for a fix. Thanks in advance!

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:51 AM

Posted 11 April 2012 - 04:53 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Please download GMER from here(doesnot work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

#4 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 08:16 PM

18:01:10.0803 8372 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
18:01:11.0598 8372 ============================================================
18:01:11.0598 8372 Current date / time: 2012/04/11 18:01:11.0598
18:01:11.0598 8372 SystemInfo:
18:01:11.0598 8372
18:01:11.0599 8372 OS Version: 6.1.7600 ServicePack: 0.0
18:01:11.0599 8372 Product type: Workstation
18:01:11.0599 8372 ComputerName: CHRISTIAN-PC
18:01:11.0599 8372 UserName: Christian_2
18:01:11.0599 8372 Windows directory: C:\Windows
18:01:11.0599 8372 System windows directory: C:\Windows
18:01:11.0599 8372 Processor architecture: Intel x86
18:01:11.0599 8372 Number of processors: 3
18:01:11.0599 8372 Page size: 0x1000
18:01:11.0599 8372 Boot type: Normal boot
18:01:11.0599 8372 ============================================================
18:01:21.0886 8372 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:01:21.0898 8372 \Device\Harddisk0\DR0:
18:01:21.0912 8372 MBR used
18:01:21.0912 8372 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1
18:01:21.0946 8372 Initialize success
18:01:21.0946 8372 ============================================================
18:01:37.0764 1976 ============================================================
18:01:37.0764 1976 Scan started
18:01:37.0764 1976 Mode: Manual; TDLFS;
18:01:37.0764 1976 ============================================================
18:01:40.0969 1976 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\drivers\1394ohci.sys
18:01:40.0971 1976 1394ohci - ok
18:01:41.0440 1976 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\drivers\ACPI.sys
18:01:41.0442 1976 ACPI - ok
18:01:41.0576 1976 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\drivers\acpipmi.sys
18:01:41.0577 1976 AcpiPmi - ok
18:01:41.0847 1976 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:01:41.0849 1976 AdobeARMservice - ok
18:01:42.0025 1976 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:01:42.0029 1976 adp94xx - ok
18:01:42.0149 1976 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:01:42.0152 1976 adpahci - ok
18:01:42.0174 1976 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:01:42.0176 1976 adpu320 - ok
18:01:42.0370 1976 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:01:42.0371 1976 AeLookupSvc - ok
18:01:42.0448 1976 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
18:01:42.0451 1976 AFD - ok
18:01:42.0515 1976 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
18:01:42.0516 1976 agp440 - ok
18:01:42.0623 1976 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:01:42.0625 1976 aic78xx - ok
18:01:42.0948 1976 Akamai (1125c7d9fb8898015829c387c1bc87c7) c:\program files\common files\akamai/netsession_win_6c825ce.dll
18:01:42.0949 1976 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_6c825ce.dll. md5: 1125c7d9fb8898015829c387c1bc87c7
18:01:42.0958 1976 Akamai ( HiddenFile.Multi.Generic ) - warning
18:01:42.0959 1976 Akamai - detected HiddenFile.Multi.Generic (1)
18:01:43.0079 1976 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:01:43.0081 1976 ALG - ok
18:01:43.0220 1976 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
18:01:43.0235 1976 aliide - ok
18:01:43.0645 1976 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
18:01:43.0646 1976 amdagp - ok
18:01:43.0756 1976 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
18:01:43.0757 1976 amdide - ok
18:01:43.0852 1976 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:01:43.0853 1976 AmdK8 - ok
18:01:43.0888 1976 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:01:43.0890 1976 AmdPPM - ok
18:01:43.0975 1976 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
18:01:43.0977 1976 amdsata - ok
18:01:44.0036 1976 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:01:44.0038 1976 amdsbs - ok
18:01:44.0058 1976 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
18:01:44.0061 1976 amdxata - ok
18:01:44.0169 1976 ApfiltrService (9910a9c7d307a9e156d951248601c33e) C:\Windows\system32\DRIVERS\Apfiltr.sys
18:01:44.0172 1976 ApfiltrService - ok
18:01:44.0232 1976 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
18:01:44.0233 1976 AppID - ok
18:01:44.0262 1976 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:01:44.0267 1976 AppIDSvc - ok
18:01:44.0318 1976 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
18:01:44.0320 1976 Appinfo - ok
18:01:44.0431 1976 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:01:44.0434 1976 Apple Mobile Device - ok
18:01:44.0470 1976 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
18:01:44.0472 1976 AppMgmt - ok
18:01:44.0785 1976 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:01:44.0787 1976 arc - ok
18:01:44.0857 1976 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:01:44.0858 1976 arcsas - ok
18:01:45.0103 1976 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:01:45.0103 1976 AsyncMac - ok
18:01:45.0291 1976 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:01:45.0292 1976 atapi - ok
18:01:45.0535 1976 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
18:01:45.0539 1976 AudioEndpointBuilder - ok
18:01:45.0625 1976 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
18:01:45.0629 1976 Audiosrv - ok
18:01:45.0997 1976 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
18:01:46.0000 1976 AxInstSV - ok
18:01:46.0242 1976 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:01:46.0246 1976 b06bdrv - ok
18:01:46.0309 1976 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:01:46.0312 1976 b57nd60x - ok
18:01:46.0387 1976 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:01:46.0388 1976 BDESVC - ok
18:01:46.0420 1976 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:01:46.0421 1976 Beep - ok
18:01:46.0466 1976 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
18:01:46.0471 1976 BFE - ok
18:01:46.0540 1976 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\System32\qmgr.dll
18:01:46.0557 1976 BITS - ok
18:01:46.0610 1976 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:01:46.0611 1976 blbdrive - ok
18:01:46.0792 1976 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:01:46.0795 1976 Bonjour Service - ok
18:01:46.0874 1976 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
18:01:46.0876 1976 bowser - ok
18:01:46.0962 1976 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:01:46.0963 1976 BrFiltLo - ok
18:01:47.0020 1976 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:01:47.0022 1976 BrFiltUp - ok
18:01:47.0074 1976 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
18:01:47.0076 1976 Browser - ok
18:01:47.0115 1976 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:01:47.0118 1976 Brserid - ok
18:01:47.0167 1976 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:01:47.0168 1976 BrSerWdm - ok
18:01:47.0238 1976 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:01:47.0239 1976 BrUsbMdm - ok
18:01:47.0278 1976 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:01:47.0279 1976 BrUsbSer - ok
18:01:47.0332 1976 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:01:47.0334 1976 BTHMODEM - ok
18:01:47.0394 1976 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:01:47.0396 1976 bthserv - ok
18:01:47.0641 1976 CareMon (7f771059963775add679efed7b1910c9) C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
18:01:47.0643 1976 CareMon - ok
18:01:47.0694 1976 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:01:47.0696 1976 cdfs - ok
18:01:47.0779 1976 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\drivers\cdrom.sys
18:01:47.0781 1976 cdrom - ok
18:01:47.0888 1976 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
18:01:47.0890 1976 CertPropSvc - ok
18:01:47.0941 1976 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:01:47.0942 1976 circlass - ok
18:01:48.0010 1976 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:01:48.0013 1976 CLFS - ok
18:01:48.0068 1976 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:01:48.0070 1976 clr_optimization_v2.0.50727_32 - ok
18:01:48.0192 1976 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:01:48.0195 1976 clr_optimization_v4.0.30319_32 - ok
18:01:48.0290 1976 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:01:48.0291 1976 CmBatt - ok
18:01:48.0354 1976 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
18:01:48.0355 1976 cmdide - ok
18:01:48.0524 1976 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
18:01:48.0527 1976 CNG - ok
18:01:48.0576 1976 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:01:48.0578 1976 Compbatt - ok
18:01:48.0721 1976 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\drivers\CompositeBus.sys
18:01:48.0723 1976 CompositeBus - ok
18:01:49.0138 1976 COMSysApp - ok
18:01:49.0351 1976 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:01:49.0353 1976 crcdisk - ok
18:01:49.0421 1976 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
18:01:49.0424 1976 CryptSvc - ok
18:01:49.0700 1976 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
18:01:49.0704 1976 CSC - ok
18:01:49.0997 1976 CscService (56fb5f222ea30d3d3fc459879772cb73) C:\Windows\System32\cscsvc.dll
18:01:50.0003 1976 CscService - ok
18:01:50.0129 1976 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
18:01:50.0135 1976 DcomLaunch - ok
18:01:50.0190 1976 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:01:50.0193 1976 defragsvc - ok
18:01:50.0279 1976 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
18:01:50.0281 1976 DfsC - ok
18:01:50.0405 1976 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
18:01:50.0408 1976 Dhcp - ok
18:01:50.0462 1976 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:01:50.0463 1976 discache - ok
18:01:50.0562 1976 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:01:50.0563 1976 Disk - ok
18:01:50.0643 1976 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
18:01:50.0646 1976 Dnscache - ok
18:01:50.0677 1976 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
18:01:50.0734 1976 dot3svc - ok
18:01:50.0848 1976 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
18:01:50.0850 1976 Dot4 - ok
18:01:50.0919 1976 Dot4Print (c25fea07a8e7767e8b89ab96a3b96519) C:\Windows\system32\drivers\Dot4Prt.sys
18:01:50.0920 1976 Dot4Print - ok
18:01:50.0994 1976 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
18:01:50.0995 1976 dot4usb - ok
18:01:51.0043 1976 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
18:01:51.0045 1976 DPS - ok
18:01:51.0077 1976 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:01:51.0079 1976 drmkaud - ok
18:01:51.0266 1976 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
18:01:51.0354 1976 DXGKrnl - ok
18:01:51.0395 1976 EagleXNt - ok
18:01:51.0425 1976 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:01:51.0428 1976 EapHost - ok
18:01:51.0731 1976 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:01:51.0759 1976 ebdrv - ok
18:01:51.0809 1976 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
18:01:51.0818 1976 EFS - ok
18:01:51.0888 1976 ehRecvr (1697c39978cd69f6fbc15302edcece1f) C:\Windows\ehome\ehRecvr.exe
18:01:51.0894 1976 ehRecvr - ok
18:01:51.0913 1976 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
18:01:51.0915 1976 ehSched - ok
18:01:52.0010 1976 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:01:52.0015 1976 elxstor - ok
18:01:52.0092 1976 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
18:01:52.0093 1976 ErrDev - ok
18:01:52.0294 1976 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:01:52.0298 1976 EventSystem - ok
18:01:52.0405 1976 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:01:52.0407 1976 exfat - ok
18:01:52.0425 1976 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:01:52.0438 1976 fastfat - ok
18:01:52.0499 1976 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
18:01:52.0505 1976 Fax - ok
18:01:52.0561 1976 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:01:52.0562 1976 fdc - ok
18:01:52.0842 1976 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:01:52.0844 1976 fdPHost - ok
18:01:53.0029 1976 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:01:53.0095 1976 FDResPub - ok
18:01:53.0126 1976 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:01:53.0127 1976 FileInfo - ok
18:01:53.0170 1976 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:01:53.0171 1976 Filetrace - ok
18:01:53.0233 1976 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:01:53.0234 1976 flpydisk - ok
18:01:53.0399 1976 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:01:53.0401 1976 FltMgr - ok
18:01:53.0611 1976 FontCache (7fe4995528a7529a761875151ee3d512) C:\Windows\system32\FntCache.dll
18:01:53.0650 1976 FontCache - ok
18:01:53.0763 1976 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:01:53.0780 1976 FontCache3.0.0.0 - ok
18:01:53.0941 1976 ForceWare Intelligent Application Manager (IAM) (7dff82acdab23414abc2a95fef8982f8) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
18:01:53.0999 1976 ForceWare Intelligent Application Manager (IAM) - ok
18:01:54.0255 1976 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:01:54.0257 1976 FsDepends - ok
18:01:54.0312 1976 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
18:01:54.0336 1976 Fs_Rec - ok
18:01:54.0501 1976 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
18:01:54.0503 1976 fvevol - ok
18:01:54.0552 1976 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:01:54.0555 1976 gagp30kx - ok
18:01:54.0571 1976 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:01:54.0572 1976 GEARAspiWDM - ok
18:01:54.0624 1976 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
18:01:54.0625 1976 giveio - ok
18:01:54.0767 1976 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
18:01:54.0785 1976 gpsvc - ok
18:01:54.0848 1976 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:01:54.0851 1976 gupdate - ok
18:01:54.0882 1976 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:01:54.0884 1976 gupdatem - ok
18:01:54.0922 1976 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:01:54.0925 1976 gusvc - ok
18:01:55.0024 1976 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:01:55.0041 1976 hcw85cir - ok
18:01:55.0445 1976 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
18:01:55.0468 1976 HdAudAddService - ok
18:01:55.0576 1976 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\drivers\HDAudBus.sys
18:01:55.0578 1976 HDAudBus - ok
18:01:55.0644 1976 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:01:55.0646 1976 HidBatt - ok
18:01:55.0663 1976 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:01:55.0665 1976 HidBth - ok
18:01:55.0678 1976 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:01:55.0683 1976 HidIr - ok
18:01:55.0720 1976 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
18:01:55.0723 1976 hidserv - ok
18:01:55.0786 1976 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
18:01:55.0787 1976 HidUsb - ok
18:01:55.0811 1976 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
18:01:55.0814 1976 hkmsvc - ok
18:01:55.0865 1976 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
18:01:55.0892 1976 HomeGroupListener - ok
18:01:55.0957 1976 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
18:01:55.0962 1976 HomeGroupProvider - ok
18:01:56.0168 1976 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:01:56.0170 1976 hpqcxs08 - ok
18:01:56.0270 1976 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:01:56.0272 1976 hpqddsvc - ok
18:01:56.0336 1976 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:01:56.0339 1976 HpSAMD - ok
18:01:56.0410 1976 HsfXAudioService (210388fd8225b02bd83d77628aae64a9) C:\Windows\system32\XAudio32.dll
18:01:56.0425 1976 HsfXAudioService - ok
18:01:56.0487 1976 HSF_DP (0f5ed510a6c361420bc319e0cf96c1dc) C:\Windows\system32\DRIVERS\HSX_DP.sys
18:01:56.0497 1976 HSF_DP - ok
18:01:56.0555 1976 HSXHWBS2 (186c11d0ca0e53b1ee266633b9d8b393) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
18:01:56.0558 1976 HSXHWBS2 - ok
18:01:56.0645 1976 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
18:01:56.0650 1976 HTTP - ok
18:01:56.0670 1976 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
18:01:56.0671 1976 hwpolicy - ok
18:01:56.0766 1976 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
18:01:56.0768 1976 i8042prt - ok
18:01:56.0831 1976 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
18:01:56.0836 1976 iaStorV - ok
18:01:56.0928 1976 IDMWFP (abdb3c09f68292f0eb9c81855c0e47b5) C:\Windows\system32\DRIVERS\idmwfp.sys
18:01:56.0929 1976 IDMWFP - ok
18:01:56.0997 1976 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:01:57.0023 1976 idsvc - ok
18:01:57.0235 1976 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:01:57.0254 1976 iirsp - ok
18:01:57.0419 1976 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
18:01:57.0455 1976 IKEEXT - ok
18:01:57.0667 1976 ImmunetProtect (0085862d37972a36a5a2c3bf10596c50) C:\Program Files\Immunet Protect\2.0.17\agent.exe
18:01:57.0698 1976 ImmunetProtect - ok
18:01:57.0737 1976 ImmunetProtectDriver (0452cbd785659bb9e86b6c849bc292f9) C:\Windows\system32\DRIVERS\ImmunetProtect.sys
18:01:57.0738 1976 ImmunetProtectDriver - ok
18:01:57.0756 1976 ImmunetSelfProtectDriver (426737322b000e3d9d7fb5b13f443b27) C:\Windows\system32\DRIVERS\ImmunetSelfProtect.sys
18:01:57.0757 1976 ImmunetSelfProtectDriver - ok
18:01:57.0951 1976 IntcAzAudAddService (d4394a481b845cc1df361a85751c071a) C:\Windows\system32\drivers\RTKVHDA.sys
18:01:57.0999 1976 IntcAzAudAddService - ok
18:01:58.0133 1976 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:01:58.0135 1976 intelide - ok
18:01:58.0172 1976 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:01:58.0175 1976 intelppm - ok
18:01:58.0194 1976 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:01:58.0197 1976 IPBusEnum - ok
18:01:58.0227 1976 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:01:58.0254 1976 IpFilterDriver - ok
18:01:58.0310 1976 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
18:01:58.0316 1976 iphlpsvc - ok
18:01:58.0363 1976 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\drivers\IPMIDrv.sys
18:01:58.0378 1976 IPMIDRV - ok
18:01:58.0407 1976 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:01:58.0411 1976 IPNAT - ok
18:01:58.0512 1976 iPod Service (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
18:01:58.0529 1976 iPod Service - ok
18:01:58.0573 1976 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:01:58.0595 1976 IRENUM - ok
18:01:58.0645 1976 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:01:58.0647 1976 isapnp - ok
18:01:58.0685 1976 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\drivers\msiscsi.sys
18:01:58.0708 1976 iScsiPrt - ok
18:01:58.0780 1976 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
18:01:58.0782 1976 kbdclass - ok
18:01:58.0868 1976 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\drivers\kbdhid.sys
18:01:58.0870 1976 kbdhid - ok
18:01:58.0908 1976 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:01:58.0931 1976 KeyIso - ok
18:01:58.0976 1976 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
18:01:58.0978 1976 KSecDD - ok
18:01:59.0070 1976 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
18:01:59.0072 1976 KSecPkg - ok
18:01:59.0123 1976 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:01:59.0186 1976 KtmRm - ok
18:01:59.0308 1976 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\system32\srvsvc.dll
18:01:59.0313 1976 LanmanServer - ok
18:01:59.0437 1976 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
18:01:59.0441 1976 LanmanWorkstation - ok
18:01:59.0569 1976 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:01:59.0570 1976 lltdio - ok
18:01:59.0612 1976 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:01:59.0617 1976 lltdsvc - ok
18:01:59.0639 1976 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:01:59.0643 1976 lmhosts - ok
18:01:59.0692 1976 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:01:59.0695 1976 LSI_FC - ok
18:01:59.0728 1976 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:01:59.0731 1976 LSI_SAS - ok
18:01:59.0764 1976 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:01:59.0774 1976 LSI_SAS2 - ok
18:01:59.0790 1976 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:01:59.0792 1976 LSI_SCSI - ok
18:01:59.0811 1976 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:01:59.0812 1976 luafv - ok
18:01:59.0860 1976 lvpopflt (01f0e010acb61472163e9d02d3ff531a) C:\Windows\system32\DRIVERS\lvpopflt.sys
18:01:59.0872 1976 lvpopflt - ok
18:01:59.0982 1976 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\Windows\system32\Drivers\LVPr2Mon.sys
18:01:59.0983 1976 LVPr2Mon - ok
18:02:00.0052 1976 LVPrcSrv (2333057542c91ae8228bdccc2e5f2632) C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
18:02:00.0054 1976 LVPrcSrv - ok
18:02:00.0149 1976 LVRS (7521c0c58ee91be90b6cc33e792d10c7) C:\Windows\system32\DRIVERS\lvrs.sys
18:02:00.0152 1976 LVRS - ok
18:02:00.0334 1976 LVUVC (37e57c48af530df01cdd4e8a2ad77b51) C:\Windows\system32\DRIVERS\lvuvc.sys
18:02:00.0370 1976 LVUVC - ok
18:02:00.0464 1976 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
18:02:00.0465 1976 MBAMProtector - ok
18:02:00.0547 1976 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:02:00.0554 1976 MBAMService - ok
18:02:00.0616 1976 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
18:02:00.0621 1976 Mcx2Svc - ok
18:02:00.0660 1976 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
18:02:00.0661 1976 mdmxsdk - ok
18:02:00.0710 1976 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:02:00.0713 1976 megasas - ok
18:02:00.0745 1976 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:02:00.0761 1976 MegaSR - ok
18:02:00.0784 1976 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:02:00.0787 1976 MMCSS - ok
18:02:00.0808 1976 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:02:00.0810 1976 Modem - ok
18:02:00.0862 1976 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:02:00.0863 1976 monitor - ok
18:02:00.0890 1976 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:02:00.0891 1976 mouclass - ok
18:02:00.0906 1976 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:02:00.0907 1976 mouhid - ok
18:02:00.0965 1976 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
18:02:00.0968 1976 mountmgr - ok
18:02:01.0046 1976 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\drivers\mpio.sys
18:02:01.0050 1976 mpio - ok
18:02:01.0100 1976 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:02:01.0101 1976 mpsdrv - ok
18:02:01.0150 1976 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
18:02:01.0159 1976 MpsSvc - ok
18:02:01.0199 1976 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
18:02:01.0201 1976 MRxDAV - ok
18:02:01.0274 1976 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:02:01.0276 1976 mrxsmb - ok
18:02:01.0341 1976 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:02:01.0343 1976 mrxsmb10 - ok
18:02:01.0410 1976 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:02:01.0411 1976 mrxsmb20 - ok
18:02:01.0493 1976 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\drivers\msahci.sys
18:02:01.0495 1976 msahci - ok
18:02:01.0537 1976 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\drivers\msdsm.sys
18:02:01.0554 1976 msdsm - ok
18:02:01.0614 1976 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:02:01.0646 1976 MSDTC - ok
18:02:01.0702 1976 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:02:01.0703 1976 Msfs - ok
18:02:01.0768 1976 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:02:01.0771 1976 mshidkmdf - ok
18:02:01.0875 1976 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:02:01.0881 1976 msisadrv - ok
18:02:01.0948 1976 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:02:01.0961 1976 MSiSCSI - ok
18:02:01.0979 1976 msiserver - ok
18:02:02.0053 1976 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:02:02.0055 1976 MSKSSRV - ok
18:02:02.0116 1976 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:02:02.0121 1976 MSPCLOCK - ok
18:02:02.0192 1976 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:02:02.0199 1976 MSPQM - ok
18:02:02.0242 1976 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:02:02.0247 1976 MsRPC - ok
18:02:02.0367 1976 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:02:02.0368 1976 mssmbios - ok
18:02:02.0398 1976 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:02:02.0399 1976 MSTEE - ok
18:02:02.0429 1976 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:02:02.0430 1976 MTConfig - ok
18:02:02.0490 1976 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:02:02.0492 1976 Mup - ok
18:02:02.0595 1976 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
18:02:02.0620 1976 napagent - ok
18:02:02.0692 1976 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:02:02.0696 1976 NativeWifiP - ok
18:02:02.0770 1976 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
18:02:02.0803 1976 NDIS - ok
18:02:02.0870 1976 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:02:02.0872 1976 NdisCap - ok
18:02:02.0950 1976 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:02:02.0951 1976 NdisTapi - ok
18:02:02.0980 1976 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
18:02:02.0982 1976 Ndisuio - ok
18:02:03.0009 1976 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
18:02:03.0011 1976 NdisWan - ok
18:02:03.0066 1976 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
18:02:03.0068 1976 NDProxy - ok
18:02:03.0147 1976 Net Driver HPZ12 (f7c14f5077bf2bc476c348b88a7f74e2) C:\Windows\system32\HPZinw12.dll
18:02:03.0150 1976 Net Driver HPZ12 - ok
18:02:03.0200 1976 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:02:03.0201 1976 NetBIOS - ok
18:02:03.0258 1976 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
18:02:03.0261 1976 NetBT - ok
18:02:03.0300 1976 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:02:03.0302 1976 Netlogon - ok
18:02:03.0409 1976 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:02:03.0414 1976 Netman - ok
18:02:03.0466 1976 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:02:03.0472 1976 netprofm - ok
18:02:03.0645 1976 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:02:03.0754 1976 NetTcpPortSharing - ok
18:02:03.0799 1976 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:02:03.0801 1976 nfrd960 - ok
18:02:03.0828 1976 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
18:02:03.0834 1976 NlaSvc - ok
18:02:03.0858 1976 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:02:03.0859 1976 Npfs - ok
18:02:03.0912 1976 npggsvc - ok
18:02:03.0943 1976 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:02:03.0951 1976 nsi - ok
18:02:03.0972 1976 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:02:03.0973 1976 nsiproxy - ok
18:02:04.0060 1976 nSvcIp (198ff60a42802c319fba58fdb13eee49) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
18:02:04.0067 1976 nSvcIp - ok
18:02:04.0124 1976 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
18:02:04.0204 1976 Ntfs - ok
18:02:04.0516 1976 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:02:04.0518 1976 Null - ok
18:02:04.0578 1976 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
18:02:04.0592 1976 NVENETFD - ok
18:02:05.0737 1976 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:02:05.0827 1976 nvlddmkm - ok
18:02:06.0029 1976 NVNET (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS\nvmf6232.sys
18:02:06.0037 1976 NVNET - ok
18:02:06.0248 1976 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
18:02:06.0251 1976 nvraid - ok
18:02:06.0351 1976 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
18:02:06.0355 1976 nvstor - ok
18:02:06.0418 1976 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
18:02:06.0421 1976 nvstor32 - ok
18:02:06.0633 1976 nvsvc (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
18:02:06.0754 1976 nvsvc - ok
18:02:07.0484 1976 nvUpdatusService (003cb0a155568b4a53a301f07c734233) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:02:07.0500 1976 nvUpdatusService - ok
18:02:07.0750 1976 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:02:07.0766 1976 nv_agp - ok
18:02:08.0099 1976 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:02:08.0150 1976 ohci1394 - ok
18:02:08.0254 1976 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:02:08.0261 1976 p2pimsvc - ok
18:02:08.0318 1976 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:02:08.0332 1976 p2psvc - ok
18:02:08.0394 1976 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:02:08.0450 1976 Parport - ok
18:02:08.0484 1976 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
18:02:08.0487 1976 partmgr - ok
18:02:08.0549 1976 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:02:08.0584 1976 Parvdm - ok
18:02:08.0634 1976 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:02:08.0649 1976 PcaSvc - ok
18:02:08.0715 1976 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\drivers\pci.sys
18:02:08.0721 1976 pci - ok
18:02:08.0825 1976 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:02:08.0860 1976 pciide - ok
18:02:08.0911 1976 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:02:08.0941 1976 pcmcia - ok
18:02:09.0030 1976 PCTCore (6ef125721a9f1f7dbf3229786f7decd0) C:\Windows\system32\drivers\PCTCore.sys
18:02:09.0034 1976 PCTCore - ok
18:02:09.0096 1976 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\Windows\system32\drivers\pctDS.sys
18:02:09.0126 1976 pctDS - ok
18:02:09.0325 1976 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\Windows\system32\drivers\pctEFA.sys
18:02:09.0343 1976 pctEFA - ok
18:02:09.0366 1976 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:02:09.0374 1976 pcw - ok
18:02:09.0415 1976 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:02:09.0421 1976 PEAUTH - ok
18:02:09.0638 1976 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
18:02:09.0680 1976 PeerDistSvc - ok
18:02:09.0793 1976 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
18:02:09.0839 1976 pla - ok
18:02:10.0104 1976 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
18:02:10.0112 1976 PlugPlay - ok
18:02:10.0193 1976 Pml Driver HPZ12 (e638656001c52a1faa34f92e6d3a086b) C:\Windows\system32\HPZipm12.dll
18:02:10.0197 1976 Pml Driver HPZ12 - ok
18:02:10.0238 1976 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:02:10.0241 1976 PNRPAutoReg - ok
18:02:10.0290 1976 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:02:10.0295 1976 PNRPsvc - ok
18:02:10.0338 1976 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
18:02:10.0345 1976 PolicyAgent - ok
18:02:10.0430 1976 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
18:02:10.0470 1976 Power - ok
18:02:10.0555 1976 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:02:10.0557 1976 PptpMiniport - ok
18:02:10.0585 1976 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:02:10.0588 1976 Processor - ok
18:02:10.0618 1976 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
18:02:10.0625 1976 ProfSvc - ok
18:02:10.0666 1976 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:02:10.0668 1976 ProtectedStorage - ok
18:02:10.0902 1976 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:02:10.0914 1976 Psched - ok
18:02:10.0971 1976 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:02:11.0005 1976 ql2300 - ok
18:02:11.0028 1976 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:02:11.0031 1976 ql40xx - ok
18:02:11.0088 1976 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:02:11.0183 1976 QWAVE - ok
18:02:11.0312 1976 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:02:11.0315 1976 QWAVEdrv - ok
18:02:11.0345 1976 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:02:11.0346 1976 RasAcd - ok
18:02:11.0424 1976 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:02:11.0425 1976 RasAgileVpn - ok
18:02:11.0489 1976 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:02:11.0494 1976 RasAuto - ok
18:02:11.0588 1976 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:02:11.0590 1976 Rasl2tp - ok
18:02:11.0737 1976 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
18:02:11.0756 1976 RasMan - ok
18:02:11.0789 1976 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:02:11.0791 1976 RasPppoe - ok
18:02:12.0017 1976 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:02:12.0019 1976 RasSstp - ok
18:02:12.0052 1976 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
18:02:12.0078 1976 rdbss - ok
18:02:12.0143 1976 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:02:12.0160 1976 rdpbus - ok
18:02:12.0174 1976 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:02:12.0175 1976 RDPCDD - ok
18:02:12.0282 1976 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
18:02:12.0286 1976 RDPDR - ok
18:02:12.0308 1976 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:02:12.0310 1976 RDPENCDD - ok
18:02:12.0339 1976 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:02:12.0340 1976 RDPREFMP - ok
18:02:12.0456 1976 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\Windows\system32\drivers\RDPWD.sys
18:02:12.0485 1976 RDPWD - ok
18:02:13.0126 1976 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
18:02:13.0139 1976 rdyboost - ok
18:02:13.0169 1976 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:02:13.0175 1976 RemoteAccess - ok
18:02:13.0223 1976 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:02:13.0229 1976 RemoteRegistry - ok
18:02:13.0337 1976 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
18:02:13.0339 1976 Revoflt - ok
18:02:13.0388 1976 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:02:13.0393 1976 RpcEptMapper - ok
18:02:13.0444 1976 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:02:13.0448 1976 RpcLocator - ok
18:02:13.0485 1976 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
18:02:13.0491 1976 RpcSs - ok
18:02:13.0601 1976 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:02:13.0602 1976 rspndr - ok
18:02:13.0670 1976 RSUSBSTOR (c5acb4d2ca623f678257b0844bd1ac8a) C:\Windows\system32\Drivers\RtsUStor.sys
18:02:13.0672 1976 RSUSBSTOR - ok
18:02:13.0899 1976 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\drivers\vms3cap.sys
18:02:13.0902 1976 s3cap - ok
18:02:13.0977 1976 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:02:13.0980 1976 SamSs - ok
18:02:14.0048 1976 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\drivers\sbp2port.sys
18:02:14.0051 1976 sbp2port - ok
18:02:14.0207 1976 scan (90e4994582ca688cd6f93af4e2870188) C:\Program Files\Immunet Protect\tetra\scan.dll
18:02:14.0220 1976 scan - ok
18:02:14.0329 1976 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:02:14.0339 1976 SCardSvr - ok
18:02:14.0437 1976 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
18:02:14.0442 1976 scfilter - ok
18:02:14.0519 1976 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
18:02:14.0591 1976 Schedule - ok
18:02:14.0701 1976 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
18:02:14.0703 1976 SCPolicySvc - ok
18:02:14.0769 1976 sdAuxService (a1089ac7683826e6c7c9fab9723dd80f) C:\Program Files\PC Tools Security\pctsAuxs.exe
18:02:14.0772 1976 sdAuxService - ok
18:02:14.0830 1976 sdCoreService (ed6c2efeb47524bff4d5e5109fb1a2bb) C:\Program Files\PC Tools Security\pctsSvc.exe
18:02:14.0841 1976 sdCoreService - ok
18:02:14.0896 1976 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
18:02:14.0900 1976 SDRSVC - ok
18:02:14.0989 1976 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:02:14.0990 1976 secdrv - ok
18:02:15.0014 1976 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:02:15.0018 1976 seclogon - ok
18:02:15.0065 1976 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
18:02:15.0079 1976 SENS - ok
18:02:15.0144 1976 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:02:15.0886 1976 SensrSvc - ok
18:02:16.0446 1976 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:02:16.0451 1976 Serenum - ok
18:02:16.0483 1976 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:02:16.0490 1976 Serial - ok
18:02:16.0575 1976 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:02:16.0644 1976 sermouse - ok
18:02:16.0776 1976 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
18:02:16.0790 1976 SessionEnv - ok
18:02:16.0837 1976 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:02:16.0839 1976 sffdisk - ok
18:02:16.0852 1976 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:02:16.0855 1976 sffp_mmc - ok
18:02:16.0926 1976 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\drivers\sffp_sd.sys
18:02:16.0928 1976 sffp_sd - ok
18:02:17.0197 1976 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:02:17.0200 1976 sfloppy - ok
18:02:17.0284 1976 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:02:17.0299 1976 SharedAccess - ok
18:02:17.0390 1976 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
18:02:17.0411 1976 ShellHWDetection - ok
18:02:17.0516 1976 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:02:17.0533 1976 sisagp - ok
18:02:17.0576 1976 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:02:17.0579 1976 SiSRaid2 - ok
18:02:17.0658 1976 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:02:17.0674 1976 SiSRaid4 - ok
18:02:17.0712 1976 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:02:17.0714 1976 Smb - ok
18:02:17.0840 1976 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:02:17.0845 1976 SNMPTRAP - ok
18:02:17.0936 1976 speedfan (9f70cd5edcc4efc48ae21e04fb03be9d) C:\Windows\system32\speedfan.sys
18:02:17.0946 1976 speedfan - ok
18:02:17.0987 1976 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:02:18.0007 1976 spldr - ok
18:02:18.0048 1976 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
18:02:18.0064 1976 Spooler - ok
18:02:18.0243 1976 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
18:02:18.0328 1976 sppsvc - ok
18:02:18.0362 1976 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
18:02:18.0374 1976 sppuinotify - ok
18:02:18.0455 1976 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
18:02:18.0458 1976 srv - ok
18:02:18.0538 1976 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
18:02:18.0542 1976 srv2 - ok
18:02:18.0636 1976 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
18:02:18.0639 1976 srvnet - ok
18:02:18.0763 1976 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
18:02:18.0790 1976 sscdbus - ok
18:02:19.0020 1976 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
18:02:19.0175 1976 sscdmdfl - ok
18:02:19.0510 1976 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
18:02:19.0514 1976 sscdmdm - ok
18:02:19.0569 1976 sscdserd (751e66eb32efa80633b80f5d7ff0a1d8) C:\Windows\system32\DRIVERS\sscdserd.sys
18:02:19.0572 1976 sscdserd - ok
18:02:19.0681 1976 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:02:19.0842 1976 SSDPSRV - ok
18:02:20.0237 1976 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:02:20.0244 1976 SstpSvc - ok
18:02:20.0328 1976 Steam Client Service - ok
18:02:20.0356 1976 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:02:20.0359 1976 stexstor - ok
18:02:20.0398 1976 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
18:02:20.0414 1976 StiSvc - ok
18:02:20.0460 1976 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\drivers\vmstorfl.sys
18:02:20.0462 1976 storflt - ok
18:02:20.0608 1976 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\drivers\storvsc.sys
18:02:20.0616 1976 storvsc - ok
18:02:20.0845 1976 supersafer (28f0f7f8e4c9039289c80ca1385bc4b7) C:\Windows\system32\drivers\supersafer.sys
18:02:20.0849 1976 supersafer - ok
18:02:20.0971 1976 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:02:20.0974 1976 swenum - ok
18:02:21.0002 1976 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:02:21.0009 1976 swprv - ok
18:02:21.0511 1976 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
18:02:21.0617 1976 SysMain - ok
18:02:21.0709 1976 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
18:02:21.0727 1976 TabletInputService - ok
18:02:21.0785 1976 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
18:02:21.0800 1976 TapiSrv - ok
18:02:21.0841 1976 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:02:21.0845 1976 TBS - ok
18:02:22.0073 1976 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
18:02:22.0113 1976 Tcpip - ok
18:02:22.0328 1976 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
18:02:22.0340 1976 TCPIP6 - ok
18:02:22.0406 1976 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
18:02:22.0407 1976 tcpipreg - ok
18:02:22.0433 1976 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
18:02:22.0589 1976 TDPIPE - ok
18:02:23.0865 1976 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys
18:02:23.0892 1976 TDTCP - ok
18:02:24.0273 1976 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
18:02:24.0277 1976 tdx - ok
18:02:24.0339 1976 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\drivers\termdd.sys
18:02:24.0348 1976 TermDD - ok
18:02:24.0685 1976 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
18:02:24.0730 1976 TermService - ok
18:02:24.0771 1976 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:02:24.0786 1976 Themes - ok
18:02:24.0883 1976 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:02:24.0886 1976 THREADORDER - ok
18:02:25.0041 1976 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:02:25.0195 1976 TrkWks - ok
18:02:25.0560 1976 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
18:02:25.0563 1976 TrustedInstaller - ok
18:02:25.0956 1976 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:02:25.0995 1976 tssecsrv - ok
18:02:26.0063 1976 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
18:02:26.0089 1976 tunnel - ok
18:02:26.0113 1976 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:02:26.0116 1976 uagp35 - ok
18:02:26.0214 1976 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
18:02:26.0225 1976 udfs - ok
18:02:26.0554 1976 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:02:26.0573 1976 UI0Detect - ok
18:02:26.0794 1976 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:02:26.0797 1976 uliagpkx - ok
18:02:26.0927 1976 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\drivers\umbus.sys
18:02:26.0931 1976 umbus - ok
18:02:26.0961 1976 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:02:26.0963 1976 UmPass - ok
18:02:27.0049 1976 UmRdpService (8ecaca5454844f66386f7be4ae0d7cd1) C:\Windows\System32\umrdp.dll
18:02:27.0056 1976 UmRdpService - ok
18:02:27.0510 1976 UMVPFSrv (927754abf077aeb5504be4e0f2c60c1b) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:02:27.0539 1976 UMVPFSrv - ok
18:02:27.0735 1976 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:02:27.0740 1976 upnphost - ok
18:02:27.0839 1976 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
18:02:27.0885 1976 USBAAPL - ok
18:02:27.0965 1976 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
18:02:27.0977 1976 usbaudio - ok
18:02:28.0106 1976 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
18:02:28.0152 1976 usbccgp - ok
18:02:28.0194 1976 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:02:28.0206 1976 usbcir - ok
18:02:28.0446 1976 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
18:02:28.0448 1976 usbehci - ok
18:02:28.0531 1976 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
18:02:28.0545 1976 usbhub - ok
18:02:28.0615 1976 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\DRIVERS\usbohci.sys
18:02:28.0616 1976 usbohci - ok
18:02:28.0815 1976 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:02:28.0817 1976 usbprint - ok
18:02:28.0862 1976 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
18:02:28.0865 1976 usbscan - ok
18:02:29.0040 1976 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:02:29.0042 1976 USBSTOR - ok
18:02:29.0348 1976 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
18:02:29.0355 1976 usbuhci - ok
18:02:29.0498 1976 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
18:02:29.0502 1976 usbvideo - ok
18:02:29.0814 1976 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:02:29.0858 1976 UxSms - ok
18:02:29.0998 1976 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:02:30.0001 1976 VaultSvc - ok
18:02:30.0068 1976 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:02:30.0069 1976 vdrvroot - ok
18:02:30.0152 1976 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
18:02:30.0177 1976 vds - ok
18:02:30.0276 1976 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:02:30.0279 1976 vga - ok
18:02:30.0496 1976 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:02:30.0513 1976 VgaSave - ok
18:02:30.0684 1976 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\drivers\vhdmp.sys
18:02:30.0694 1976 vhdmp - ok
18:02:30.0780 1976 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:02:30.0783 1976 viaagp - ok
18:02:30.0888 1976 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:02:30.0893 1976 ViaC7 - ok
18:02:31.0011 1976 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:02:31.0013 1976 viaide - ok
18:02:31.0076 1976 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\drivers\vmbus.sys
18:02:31.0093 1976 vmbus - ok
18:02:31.0242 1976 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\drivers\VMBusHID.sys
18:02:31.0258 1976 VMBusHID - ok
18:02:31.0492 1976 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\drivers\volmgr.sys
18:02:31.0555 1976 volmgr - ok
18:02:31.0614 1976 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:02:31.0648 1976 volmgrx - ok
18:02:32.0089 1976 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\drivers\volsnap.sys
18:02:32.0093 1976 volsnap - ok
18:02:32.0333 1976 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:02:32.0359 1976 vsmraid - ok
18:02:32.0824 1976 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
18:02:32.0840 1976 VSS - ok
18:02:32.0920 1976 VSTHWBS2 (682fcf7d2eb5158cd30408e976562408) C:\Windows\system32\DRIVERS\VSTBS23.SYS
18:02:32.0925 1976 VSTHWBS2 - ok
18:02:33.0122 1976 VST_DPV (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:02:33.0150 1976 VST_DPV - ok
18:02:33.0188 1976 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
18:02:33.0191 1976 vwifibus - ok
18:02:33.0212 1976 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:02:33.0218 1976 W32Time - ok
18:02:33.0284 1976 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:02:33.0287 1976 WacomPen - ok
18:02:33.0355 1976 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
18:02:33.0359 1976 WANARP - ok
18:02:33.0370 1976 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
18:02:33.0372 1976 Wanarpv6 - ok
18:02:33.0495 1976 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
18:02:33.0542 1976 WatAdminSvc - ok
18:02:33.0620 1976 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
18:02:33.0686 1976 wbengine - ok
18:02:33.0744 1976 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:02:33.0750 1976 WbioSrvc - ok
18:02:33.0817 1976 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\Windows\System32\wcncsvc.dll
18:02:33.0834 1976 wcncsvc - ok
18:02:33.0872 1976 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:02:33.0880 1976 WcsPlugInService - ok
18:02:33.0976 1976 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:02:33.0993 1976 Wd - ok
18:02:34.0045 1976 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:02:34.0052 1976 Wdf01000 - ok
18:02:34.0108 1976 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:02:34.0112 1976 WdiServiceHost - ok
18:02:34.0137 1976 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:02:34.0142 1976 WdiSystemHost - ok
18:02:34.0238 1976 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll
18:02:34.0255 1976 WebClient - ok
18:02:34.0321 1976 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:02:34.0330 1976 Wecsvc - ok
18:02:34.0384 1976 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:02:34.0393 1976 wercplsupport - ok
18:02:34.0427 1976 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:02:34.0430 1976 WerSvc - ok
18:02:34.0455 1976 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:02:34.0481 1976 WfpLwf - ok
18:02:34.0514 1976 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:02:34.0517 1976 WIMMount - ok
18:02:34.0646 1976 winachsf (8b976d4ca270110111df4f313da0e6e8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
18:02:34.0670 1976 winachsf - ok
18:02:34.0752 1976 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:02:34.0786 1976 WinDefend - ok
18:02:34.0802 1976 WinHttpAutoProxySvc - ok
18:02:35.0153 1976 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:02:35.0156 1976 Winmgmt - ok
18:02:35.0383 1976 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
18:02:35.0413 1976 WinRM - ok
18:02:35.0558 1976 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
18:02:35.0573 1976 WinUsb - ok
18:02:35.0636 1976 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:02:35.0662 1976 Wlansvc - ok
18:02:35.0939 1976 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:02:36.0121 1976 wlidsvc - ok
18:02:36.0632 1976 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:02:36.0636 1976 WmiAcpi - ok
18:02:36.0751 1976 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:02:36.0754 1976 wmiApSrv - ok
18:02:36.0914 1976 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:02:36.0924 1976 WMPNetworkSvc - ok
18:02:36.0998 1976 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:02:37.0027 1976 WPCSvc - ok
18:02:37.0072 1976 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
18:02:37.0077 1976 WPDBusEnum - ok
18:02:37.0156 1976 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:02:37.0179 1976 ws2ifsl - ok
18:02:37.0397 1976 WsAudioDevice_383 (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\WsAudioDevice_383.sys
18:02:37.0400 1976 WsAudioDevice_383 - ok
18:02:37.0431 1976 wscsvc (a661a76333057b383a06e65f0073222f) C:\Windows\System32\wscsvc.dll
18:02:37.0436 1976 wscsvc - ok
18:02:37.0463 1976 WSearch - ok
18:02:37.0552 1976 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
18:02:37.0637 1976 wuauserv - ok
18:02:37.0707 1976 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
18:02:37.0712 1976 WudfPf - ok
18:02:37.0846 1976 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:02:37.0849 1976 WUDFRd - ok
18:02:37.0885 1976 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
18:02:37.0890 1976 wudfsvc - ok
18:02:37.0935 1976 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:02:37.0964 1976 WwanSvc - ok
18:02:38.0025 1976 XAudio (894f963be999ba9db5aac3aed55b115d) C:\Windows\system32\DRIVERS\XAudio32.sys
18:02:38.0100 1976 XAudio - ok
18:02:38.0148 1976 XDva387 - ok
18:02:38.0362 1976 XDva391 - ok
18:02:38.0438 1976 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:02:38.0815 1976 \Device\Harddisk0\DR0 - ok
18:02:38.0865 1976 Boot (0x1200) (02f4830d1d3864da5fea3ff22b69990b) \Device\Harddisk0\DR0\Partition0
18:02:38.0891 1976 \Device\Harddisk0\DR0\Partition0 - ok
18:02:38.0895 1976 ============================================================
18:02:38.0895 1976 Scan finished
18:02:38.0895 1976 ============================================================
18:02:38.0934 3176 Detected object count: 1
18:02:38.0934 3176 Actual detected object count: 1
18:02:45.0733 3176 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:02:45.0734 3176 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

Currently scanning with the other tools.

#5 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 09:25 PM

aswMBR program stopped working and soon after my screen went BSOD. Attempting to rescan. here the windows diag for it.

Files that help describe the problem:
C:\Windows\Minidump\041112-35505-01.dmp
C:\Users\Christian_2\AppData\Local\Temp\WER-152912-0.sysdata.xml

#6 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 10:07 PM

aswMBR program stopped working and soon after my screen went BSOD. Attempting to rescan. here the windows diag for it.

Files that help describe the problem:
C:\Windows\Minidump\041112-35505-01.dmp
C:\Users\Christian_2\AppData\Local\Temp\WER-152912-0.sysdata.xml


aswMBR program stopped working again. This time no BSOD occured. it seems to stop while scanning temp folder directory. I'll attempt to re-scan the 3rd time. After the program was closed, my pc ran slower. it had lag on it making the mouse skip frames when moving.

Edited by Cian13th, 11 April 2012 - 10:09 PM.


#7 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 10:19 PM

I clicked save log before any problems of a scan error occurs again. Here's the current log.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-11 20:06:31
-----------------------------
20:06:31.126 OS Version: Windows 6.1.7600
20:06:31.126 Number of processors: 3 586 0x203
20:06:31.131 ComputerName: CHRISTIAN-PC UserName: Christian_2
20:06:32.805 Initialize success
20:06:40.557 AVAST engine defs: 12041101
20:07:04.066 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
20:07:04.069 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
20:07:04.248 Disk 0 MBR read successfully
20:07:04.254 Disk 0 MBR scan
20:07:04.264 Disk 0 Windows 7 default MBR code
20:07:04.373 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 610469 MB offset 63
20:07:04.450 Disk 0 scanning sectors +1250242560
20:07:05.177 Disk 0 scanning C:\Windows\system32\drivers
20:09:11.278 Service scanning
20:10:47.867 Modules scanning
20:12:24.486 Disk 0 trace - called modules:
20:12:24.513
20:12:26.290 AVAST engine scan C:\Windows
20:12:48.487 Disk 0 MBR has been saved successfully to "C:\Users\Christian_2\Desktop\MBR.dat"
20:12:48.488 The log file has been saved successfully to "C:\Users\Christian_2\Desktop\aswMBR log.txt"


I attempted to re-scan again and I got this instead

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-11 20:16:44
-----------------------------
20:16:44.004 OS Version: Windows 6.1.7600
20:16:44.004 Number of processors: 3 586 0x203
20:16:44.008 ComputerName: CHRISTIAN-PC UserName: Christian_2
20:16:45.808 Initialze error C000010E - driver not loaded
20:16:53.418 AVAST engine defs: 12041101
20:16:56.620 Scan error: Incorrect function.
20:17:05.296 The log file has been saved successfully to "C:\Users\Christian_2\Desktop\aswMBR fail scan.txt"


I'll attempt to restart and rescan again after GMER finishes scanning.

#8 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 11:30 PM

I re-scanned aswMBR tool on its 4th try and it closed again this is where it got up to :

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-11 20:06:31
-----------------------------
20:06:31.126 OS Version: Windows 6.1.7600
20:06:31.126 Number of processors: 3 586 0x203
20:06:31.131 ComputerName: CHRISTIAN-PC UserName: Christian_2
20:06:32.805 Initialize success
20:06:40.557 AVAST engine defs: 12041101
20:07:04.066 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
20:07:04.069 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
20:07:04.248 Disk 0 MBR read successfully
20:07:04.254 Disk 0 MBR scan
20:07:04.264 Disk 0 Windows 7 default MBR code
20:07:04.373 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 610469
20:07:04.450 Disk 0 scanning sectors +1250242560
20:07:05.177 Disk 0 scanning C:\Windows\system32\drivers
20:09:11.278 Service scanning
20:10:47.867 Modules scanning
20:12:24.486 Disk 0 trace - called modules:
20:12:24.513
20:12:26.290 AVAST engine scan C:\Windows

---------------------------------------------------------------
Addition from the old files since I wasn't able to copy

20:12:48.487 AVAST engine scan C:\Windows\system32
20:53:33.520 AVAST engine scan C:\Windows\system32\drivers
21:08:38.281 AVAST engine scan C:\Users\Christian_2
Scanning: C:\Users\Christian_2\AppData\Local\Microsoft\Windows\Temporary Internet

Then it crashes from here. I'm not sure if the last Dir was completed but that was all I could see. Is tehre anything I can do in order to finish the scan without it being unable to work?

Edited by Cian13th, 11 April 2012 - 11:34 PM.


#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:51 AM

Posted 11 April 2012 - 11:32 PM

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot let me know what it finds

Try to run aswmbr in safemode

good luck

#10 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 11 April 2012 - 11:50 PM

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot let me know what it finds

Try to run aswmbr in safemode

good luck


Thank you for the response. I'll run it after GMER finishes scanning and posting the logs.

#11 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 12 April 2012 - 01:23 AM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-04-11 23:20:01
Windows 6.1.7600 Harddisk0\DR0 -> \Device\00000061 WDC_WD64 rev.01.0
Running: 83vzypng.exe; Driver: C:\Users\CHRIST~2\AppData\Local\Temp\kglyiuod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0x8C235F68]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0x8C236230]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateUserProcess [0x8C23652C]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0x8C2359D8]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C995D9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CBE092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 35C 82CC599C 8 Bytes [68, 5F, 23, 8C, 30, 62, 23, ...]
.text ntkrnlpa.exe!RtlSidHashLookup + 394 82CC59D4 4 Bytes [2C, 65, 23, 8C]
.text ntkrnlpa.exe!RtlSidHashLookup + 7E8 82CC5E28 4 Bytes [D8, 59, 23, 8C]
? C:\Users\CHRIST~2\AppData\Local\Temp\aswMBR.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\csrss.exe[420] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wininit.exe[508] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\services.exe[576] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsass.exe[636] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[768] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[784] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[848] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[912] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] USER32.dll!SetWindowLongA 7698B1E3 5 Bytes JMP 66D175F7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] USER32.dll!SetWindowLongW 76996614 5 Bytes JMP 66D17589 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] USER32.dll!GetWindowInfo 76996A82 5 Bytes JMP 66AEFE0A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[944] USER32.dll!TrackPopupMenu 769B4B3B 5 Bytes JMP 66AF03C5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[960] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1012] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1044] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1084] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1216] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1248] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1260] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [71, 71] {JNO 0x73}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9A, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [7A, 71] {JP 0x73}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [83, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [80, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A6, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A0, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9D, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [86, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A3, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [77, 71] {JA 0x73}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [8C, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [89, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1280] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [74, 71] {JZ 0x73}
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [70, 71] {JO 0x73}
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [8E, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [7C, 71] {JL 0x73}
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [79, 71] {JNS 0x73}
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [82, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [7F, 71] {JG 0x73}
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A5, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [9F, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9C, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [85, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A2, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [76, 71] {JBE 0x73}
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [8B, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [88, 71]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1324] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [73, 71] {JAE 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [71, 71] {JNO 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [90, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [7B, 71] {JNP 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [84, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [81, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [9C, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [96, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [93, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [87, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [99, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [77, 71] {JA 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [8D, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [8A, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe[1360] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [74, 71] {JZ 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\iptray.exe[1416] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\spoolsv.exe[1516] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [78, 71] {JS 0x73}
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [96, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [84, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [81, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8A, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [87, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A2, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [9C, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [99, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [8D, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [9F, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [93, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [90, 71]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1548] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [7B, 71] {JNP 0x73}
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [72, 71] {JB 0x73}
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [90, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [7B, 71] {JNP 0x73}
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [84, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [81, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [9C, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [96, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [93, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [87, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [99, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [78, 71] {JS 0x73}
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [8D, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [8A, 71]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1648] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [75, 71] {JNZ 0x73}
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [6D, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [8C, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [79, 71] {JNS 0x73}
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [76, 71] {JBE 0x73}
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [80, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [83, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [73, 71] {JAE 0x73}
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [89, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [86, 71]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1668] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [70, 71] {JO 0x73}
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [DA, 70]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [E6, 70] {OUT 0x70, AL}
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [E3, 70] {JECXZ 0x72}
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes JMP 75C548D9
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [E0, 70] {LOOPNZ 0x72}
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1692] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [DD, 70]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1724] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe[1756] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [72, 71] {JB 0x73}
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [90, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [7B, 71] {JNP 0x73}
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [84, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [81, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [9C, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [96, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [93, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [87, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [99, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [78, 71] {JS 0x73}
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [8D, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [8A, 71]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1800] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [75, 71] {JNZ 0x73}
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[1828] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]

#12 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 12 April 2012 - 01:24 AM

.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [67, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [85, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [73, 71] {JAE 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [70, 71] {JO 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [79, 71] {JNS 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [76, 71] {JBE 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [9C, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [8B, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [88, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [7C, 71] {JL 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [8E, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [6D, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [82, 71]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [7F, 71] {JG 0x73}
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Immunet Protect\2.0.17\agent.exe[1856] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [6A, 71] {PUSH 0x71}
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe[1892] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1944] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[1976] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsAuxs.exe[2000] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [79, 71] {JNS 0x73}
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [97, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [85, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [82, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8B, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [88, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [8E, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [7F, 71] {JG 0x73}
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [94, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [91, 71]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\PC Tools Security\pctsSvc.exe[2040] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [7C, 71] {JL 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [71, 71] {JNO 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [90, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [7B, 71] {JNP 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [84, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [81, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [9C, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [96, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [93, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [87, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [99, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [77, 71] {JA 0x73}
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [8D, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [8A, 71]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe[2052] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [74, 71] {JZ 0x73}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7D, 71] {JGE 0x73}
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9B, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AD, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [89, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [86, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [8F, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8C, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A7, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A1, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9E, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [92, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A4, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [83, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [98, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [95, 71]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2108] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [80, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\Explorer.EXE[2536] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\Dwm.exe[2556] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[2596] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\ApMsgFwd.exe[2660] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\WUDFHost.exe[2672] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apoint.exe[2736] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3204] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\CrossriderWebApps\Crossrider.exe[3496] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskhost.exe[3572] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3644] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\winlogon.exe[4004] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe[4092] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[4100] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\HidFind.exe[4112] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]

.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\DellTPad\Apntex.exe[4164] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\conhost.exe[4192] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4212] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[4308] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4428] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\aswMBR.exe[4448] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IDMan.exe[4532] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\MSRebar\SysVer\SysVer.exe[4560] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\AppData\Local\Akamai\netsession_win.exe[4648] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[4668] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\SearchIndexer.exe[4868] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5200] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\taskmgr.exe[5228] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] ntdll.dll!LdrLoadDll 77C3F425 5 Bytes JMP 66979720 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] kernel32.dll!MapViewOfFile 7612C05C 5 Bytes JMP 66BAE1F4 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] kernel32.dll!VirtualAlloc 76130594 5 Bytes JMP 66BAE21B C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5352] GDI32.dll!CreateDIBSection 778885F0 5 Bytes JMP 66BAE17E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5616] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[5928] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[6064] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Internet Explorer\IELowutil.exe[6276] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Users\Christian_2\Downloads\Programs\83vzypng.exe[6472] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[6496] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6720] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7140] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\System32\svchost.exe[7252] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\svchost.exe[7332] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtClose 77C245B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtClose + 4 77C245B4 2 Bytes [7E, 71] {JLE 0x73}
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateFile 77C246B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateFile + 4 77C246B4 2 Bytes [9C, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateKey 77C246F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateKey + 4 77C246F4 2 Bytes [AE, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateProcess 77C24780 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateProcess + 4 77C24784 2 Bytes [8A, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateProcessEx 77C24790 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateProcessEx + 4 77C24794 2 Bytes [87, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateSection 77C247D0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateSection + 4 77C247D4 2 Bytes [90, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateUserProcess 77C24860 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtCreateUserProcess + 4 77C24864 2 Bytes [8D, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtDeleteKey 77C24900 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtDeleteKey + 4 77C24904 2 Bytes [A8, 71] {TEST AL, 0x71}
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtDeleteValueKey 77C24930 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtDeleteValueKey + 4 77C24934 2 Bytes [A2, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtRenameKey 77C254B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtRenameKey + 4 77C254B4 2 Bytes [9F, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtSetInformationFile 77C25720 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtSetInformationFile + 4 77C25724 2 Bytes [93, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtSetValueKey 77C258F0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtSetValueKey + 4 77C258F4 2 Bytes [A5, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtTerminateProcess 77C259B0 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtTerminateProcess + 4 77C259B4 2 Bytes [84, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtWriteFile 77C25B50 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtWriteFile + 4 77C25B54 2 Bytes [99, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtWriteFileGather 77C25B60 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtWriteFileGather + 4 77C25B64 2 Bytes [96, 71]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtWriteVirtualMemory 77C25B80 3 Bytes [FF, 25, 1E]
.text C:\Windows\system32\wuauclt.exe[8120] ntdll.dll!NtWriteVirtualMemory + 4 77C25B84 2 Bytes [81, 71]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\PC Tools Security\pctsSvc.exe[2040] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] [0044BE34] C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsSvc.exe[2040] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [0044C038] C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsSvc.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0044BE34] C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsSvc.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [0044C038] C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools Security Service/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsGui.exe[2368] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] [0044BAF0] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools GUI Application/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsGui.exe[2368] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [0044BCF4] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools GUI Application/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsGui.exe[2368] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0044BAF0] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools GUI Application/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsGui.exe[2368] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [0044BCF4] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools GUI Application/PC Tools)
IAT C:\Program Files\PC Tools Security\pctsGui.exe[2368] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CreateThread] [0044BAF0] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools GUI Application/PC Tools)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74AD2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74AB5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74AB56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74AD250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74AC8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74AC4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74AC50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74AC51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74AC66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74AC82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74AC8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74AC907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74ACE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2536] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74AC4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\PCTSDInjDriver32 \Device\PCTSDInjDriver32 PCTSDInj32.sys
Device \Driver\ACPI_HAL \Device\0000004b halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\Program Files\Immunet Protect\history.db-journal 0 bytes
File C:\Users\Christian_2\AppData\Roaming\IDM\DwnlData\Christian_2\1334210602f16265_0 0 bytes

---- EOF - GMER 1.0.15 ----

#13 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 12 April 2012 - 09:16 PM

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot let me know what it finds

Try to run aswmbr in safemode

good luck


Downloaded and ran. It said "Backdoor.Tidservs has not been found on your computer." I have no idea what this means but it seemed something good. Re-scanning now with aswmbr.

#14 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 12 April 2012 - 09:28 PM

I re-scanned aswmbr in safe mode with network after running the fix and it still closed. Same problem occured as before. Here's an image before it stops working :
Posted Image

Here's the log before it crashes :

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-12 19:20:50
-----------------------------
19:20:50.456 OS Version: Windows 6.1.7600
19:20:50.456 Number of processors: 3 586 0x203
19:20:50.456 ComputerName: CHRISTIAN-PC UserName: Christian_2
19:20:51.345 Initialize success
19:20:51.408 AVAST engine defs: 12041201
19:20:53.997 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
19:20:53.997 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
19:20:54.013 Disk 0 MBR read successfully
19:20:54.013 Disk 0 MBR scan
19:20:54.028 Disk 0 Windows 7 default MBR code
19:20:54.028 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 610469 MB offset 63
19:20:54.044 Disk 0 scanning sectors +1250242560
19:20:54.122 Disk 0 scanning C:\Windows\system32\drivers
19:21:26.977 Service scanning
19:21:40.685 Modules scanning
19:21:47.787 Disk 0 trace - called modules:
19:21:47.800 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys
19:21:47.801 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c32030]
19:21:47.801 3 CLASSPNP.SYS[8bba659e] -> nt!IofCallDriver -> [0x85c31918]
19:21:47.802 5 PCTCore.sys[8b6e1099] -> nt!IofCallDriver -> [0x8554d7f8]
19:21:47.802 7 ACPI.sys[8b4443b2] -> nt!IofCallDriver -> \Device\00000063[0x8554db60]
19:21:49.001 AVAST engine scan C:\Windows
19:22:07.265 AVAST engine scan C:\Windows\system32
19:25:50.272 AVAST engine scan C:\Windows\system32\drivers
19:25:58.230 AVAST engine scan C:\Users\Christian_2
19:27:07.411 Disk 0 MBR has been saved successfully to "C:\Users\Christian_2\Desktop\MBR.dat"
19:27:07.433 The log file has been saved successfully to "C:\Users\Christian_2\Desktop\aswMBRlastlog.txt"

#15 Cian13th

Cian13th
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 12 April 2012 - 11:35 PM

It seems as if Happili only affects my firefox. I did multiple searches using google chrome and no happili re-direct came up. I'm not 100% sure if it's just luck or only firefox is affected. What do I do as of now?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users